PostgreSQL v3.8.0, Mar 22 23

postgresql.DefaultPrivileg

Explore with Pulumi AI

Deprecated:

postgresql.DefaultPrivileg has been deprecated in favor of postgresql.DefaultPrivileges

The postgresql.DefaultPrivileges resource creates and manages default privileges given to a user for a database schema.

Note: This resource needs Postgresql version 9 or above.

Usage

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const readOnlyTables = new postgresql.DefaultPrivileges("readOnlyTables", {
    database: "test_db",
    objectType: "table",
    owner: "db_owner",
    privileges: ["SELECT"],
    role: "test_role",
    schema: "public",
});

import pulumi
import pulumi_postgresql as postgresql

read_only_tables = postgresql.DefaultPrivileges("readOnlyTables",
    database="test_db",
    object_type="table",
    owner="db_owner",
    privileges=["SELECT"],
    role="test_role",
    schema="public")

using System.Collections.Generic;
using Pulumi;
using PostgreSql = Pulumi.PostgreSql;

return await Deployment.RunAsync(() => 
{
    var readOnlyTables = new PostgreSql.DefaultPrivileges("readOnlyTables", new()
    {
        Database = "test_db",
        ObjectType = "table",
        Owner = "db_owner",
        Privileges = new[]
        {
            "SELECT",
        },
        Role = "test_role",
        Schema = "public",
    });

});

package main

import (
	"github.com/pulumi/pulumi-postgresql/sdk/v3/go/postgresql"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := postgresql.NewDefaultPrivileges(ctx, "readOnlyTables", &postgresql.DefaultPrivilegesArgs{
			Database:   pulumi.String("test_db"),
			ObjectType: pulumi.String("table"),
			Owner:      pulumi.String("db_owner"),
			Privileges: pulumi.StringArray{
				pulumi.String("SELECT"),
			},
			Role:   pulumi.String("test_role"),
			Schema: pulumi.String("public"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.postgresql.DefaultPrivileges;
import com.pulumi.postgresql.DefaultPrivilegesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var readOnlyTables = new DefaultPrivileges("readOnlyTables", DefaultPrivilegesArgs.builder()        
            .database("test_db")
            .objectType("table")
            .owner("db_owner")
            .privileges("SELECT")
            .role("test_role")
            .schema("public")
            .build());

    }
}

resources:
  readOnlyTables:
    type: postgresql:DefaultPrivileges
    properties:
      database: test_db
      objectType: table
      owner: db_owner
      privileges:
        - SELECT
      role: test_role
      schema: public

Examples

Revoke default privileges for functions for “public” role:

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const revokePublic = new postgresql.DefaultPrivileges("revokePublic", {
    database: postgresql_database.example_db.name,
    role: "public",
    owner: "object_owner",
    objectType: "function",
    privileges: [],
});

import pulumi
import pulumi_postgresql as postgresql

revoke_public = postgresql.DefaultPrivileges("revokePublic",
    database=postgresql_database["example_db"]["name"],
    role="public",
    owner="object_owner",
    object_type="function",
    privileges=[])

using System.Collections.Generic;
using Pulumi;
using PostgreSql = Pulumi.PostgreSql;

return await Deployment.RunAsync(() => 
{
    var revokePublic = new PostgreSql.DefaultPrivileges("revokePublic", new()
    {
        Database = postgresql_database.Example_db.Name,
        Role = "public",
        Owner = "object_owner",
        ObjectType = "function",
        Privileges = new[] {},
    });

});

package main

import (
	"github.com/pulumi/pulumi-postgresql/sdk/v3/go/postgresql"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := postgresql.NewDefaultPrivileges(ctx, "revokePublic", &postgresql.DefaultPrivilegesArgs{
			Database:   pulumi.Any(postgresql_database.Example_db.Name),
			Role:       pulumi.String("public"),
			Owner:      pulumi.String("object_owner"),
			ObjectType: pulumi.String("function"),
			Privileges: pulumi.StringArray{},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.postgresql.DefaultPrivileges;
import com.pulumi.postgresql.DefaultPrivilegesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var revokePublic = new DefaultPrivileges("revokePublic", DefaultPrivilegesArgs.builder()        
            .database(postgresql_database.example_db().name())
            .role("public")
            .owner("object_owner")
            .objectType("function")
            .privileges()
            .build());

    }
}

resources:
  revokePublic:
    type: postgresql:DefaultPrivileges
    properties:
      database: ${postgresql_database.example_db.name}
      role: public
      owner: object_owner
      objectType: function
      privileges: []

Create DefaultPrivileg Resource

new DefaultPrivileg(name: string, args: DefaultPrivilegArgs, opts?: CustomResourceOptions);

@overload
def DefaultPrivileg(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    database: Optional[str] = None,
                    object_type: Optional[str] = None,
                    owner: Optional[str] = None,
                    privileges: Optional[Sequence[str]] = None,
                    role: Optional[str] = None,
                    schema: Optional[str] = None,
                    with_grant_option: Optional[bool] = None)
@overload
def DefaultPrivileg(resource_name: str,
                    args: DefaultPrivilegArgs,
                    opts: Optional[ResourceOptions] = None)

func NewDefaultPrivileg(ctx *Context, name string, args DefaultPrivilegArgs, opts ...ResourceOption) (*DefaultPrivileg, error)

public DefaultPrivileg(string name, DefaultPrivilegArgs args, CustomResourceOptions? opts = null)

public DefaultPrivileg(String name, DefaultPrivilegArgs args)
public DefaultPrivileg(String name, DefaultPrivilegArgs args, CustomResourceOptions options)

type: postgresql:DefaultPrivileg
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args DefaultPrivilegArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args DefaultPrivilegArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args DefaultPrivilegArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args DefaultPrivilegArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args DefaultPrivilegArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

DefaultPrivileg Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The DefaultPrivileg resource accepts the following input properties:

Database string: The database to grant default privileges for this role.
ObjectType string: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
Owner string: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
Privileges List<string>: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
Role string: The name of the role to which grant default privileges on.
Schema string: The database schema to set default privileges for this role.
WithGrantOption bool: Permit the grant recipient to grant it to others

Database string: The database to grant default privileges for this role.
ObjectType string: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
Owner string: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
Privileges []string: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
Role string: The name of the role to which grant default privileges on.
Schema string: The database schema to set default privileges for this role.
WithGrantOption bool: Permit the grant recipient to grant it to others

database String: The database to grant default privileges for this role.
objectType String: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner String: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges List<String>: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role String: The name of the role to which grant default privileges on.
schema String: The database schema to set default privileges for this role.
withGrantOption Boolean: Permit the grant recipient to grant it to others

database string: The database to grant default privileges for this role.
objectType string: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner string: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges string[]: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role string: The name of the role to which grant default privileges on.
schema string: The database schema to set default privileges for this role.
withGrantOption boolean: Permit the grant recipient to grant it to others

database str: The database to grant default privileges for this role.
object_type str: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner str: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges Sequence[str]: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role str: The name of the role to which grant default privileges on.
schema str: The database schema to set default privileges for this role.
with_grant_option bool: Permit the grant recipient to grant it to others

database String: The database to grant default privileges for this role.
objectType String: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner String: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges List<String>: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role String: The name of the role to which grant default privileges on.
schema String: The database schema to set default privileges for this role.
withGrantOption Boolean: Permit the grant recipient to grant it to others

Outputs

All input properties are implicitly available as output properties. Additionally, the DefaultPrivileg resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing DefaultPrivileg Resource

Get an existing DefaultPrivileg resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: DefaultPrivilegState, opts?: CustomResourceOptions): DefaultPrivileg

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        database: Optional[str] = None,
        object_type: Optional[str] = None,
        owner: Optional[str] = None,
        privileges: Optional[Sequence[str]] = None,
        role: Optional[str] = None,
        schema: Optional[str] = None,
        with_grant_option: Optional[bool] = None) -> DefaultPrivileg

func GetDefaultPrivileg(ctx *Context, name string, id IDInput, state *DefaultPrivilegState, opts ...ResourceOption) (*DefaultPrivileg, error)

public static DefaultPrivileg Get(string name, Input<string> id, DefaultPrivilegState? state, CustomResourceOptions? opts = null)

public static DefaultPrivileg get(String name, Output<String> id, DefaultPrivilegState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Database string: The database to grant default privileges for this role.
ObjectType string: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
Owner string: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
Privileges List<string>: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
Role string: The name of the role to which grant default privileges on.
Schema string: The database schema to set default privileges for this role.
WithGrantOption bool: Permit the grant recipient to grant it to others

Database string: The database to grant default privileges for this role.
ObjectType string: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
Owner string: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
Privileges []string: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
Role string: The name of the role to which grant default privileges on.
Schema string: The database schema to set default privileges for this role.
WithGrantOption bool: Permit the grant recipient to grant it to others

database String: The database to grant default privileges for this role.
objectType String: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner String: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges List<String>: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role String: The name of the role to which grant default privileges on.
schema String: The database schema to set default privileges for this role.
withGrantOption Boolean: Permit the grant recipient to grant it to others

database string: The database to grant default privileges for this role.
objectType string: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner string: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges string[]: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role string: The name of the role to which grant default privileges on.
schema string: The database schema to set default privileges for this role.
withGrantOption boolean: Permit the grant recipient to grant it to others

database str: The database to grant default privileges for this role.
object_type str: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner str: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges Sequence[str]: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role str: The name of the role to which grant default privileges on.
schema str: The database schema to set default privileges for this role.
with_grant_option bool: Permit the grant recipient to grant it to others

database String: The database to grant default privileges for this role.
objectType String: The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
owner String: Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
privileges List<String>: The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
role String: The name of the role to which grant default privileges on.
schema String: The database schema to set default privileges for this role.
withGrantOption Boolean: Permit the grant recipient to grant it to others

Package Details

Repository: PostgreSQL pulumi/pulumi-postgresql
License: Apache-2.0
Notes: This Pulumi package is based on the postgresql Terraform Provider.