Docs
Packagespostgresql.Grant
Explore with Pulumi AI
The postgresql.Grant resource creates and manages privileges given to a user for a database schema.
Note: This resource needs Postgresql version 9 or above. Note: Using column & table grants on the same table with the same privileges can lead to unexpected behaviours.
Usage
import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";
// Grant SELECT privileges on 2 tables
const readonlyTables = new postgresql.Grant("readonlyTables", {
database: "test_db",
objectType: "table",
objects: [
"table1",
"table2",
],
privileges: ["SELECT"],
role: "test_role",
schema: "public",
});
// Grant SELECT & INSERT privileges on 2 columns in 1 table
const readInsertColumn = new postgresql.Grant("readInsertColumn", {
columns: [
"col1",
"col2",
],
database: "test_db",
objectType: "column",
objects: ["table1"],
privileges: [
"UPDATE",
"INSERT",
],
role: "test_role",
schema: "public",
});
import pulumi
import pulumi_postgresql as postgresql
# Grant SELECT privileges on 2 tables
readonly_tables = postgresql.Grant("readonlyTables",
database="test_db",
object_type="table",
objects=[
"table1",
"table2",
],
privileges=["SELECT"],
role="test_role",
schema="public")
# Grant SELECT & INSERT privileges on 2 columns in 1 table
read_insert_column = postgresql.Grant("readInsertColumn",
columns=[
"col1",
"col2",
],
database="test_db",
object_type="column",
objects=["table1"],
privileges=[
"UPDATE",
"INSERT",
],
role="test_role",
schema="public")
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using PostgreSql = Pulumi.PostgreSql;
return await Deployment.RunAsync(() =>
{
// Grant SELECT privileges on 2 tables
var readonlyTables = new PostgreSql.Grant("readonlyTables", new()
{
Database = "test_db",
ObjectType = "table",
Objects = new[]
{
"table1",
"table2",
},
Privileges = new[]
{
"SELECT",
},
Role = "test_role",
Schema = "public",
});
// Grant SELECT & INSERT privileges on 2 columns in 1 table
var readInsertColumn = new PostgreSql.Grant("readInsertColumn", new()
{
Columns = new[]
{
"col1",
"col2",
},
Database = "test_db",
ObjectType = "column",
Objects = new[]
{
"table1",
},
Privileges = new[]
{
"UPDATE",
"INSERT",
},
Role = "test_role",
Schema = "public",
});
});
package main
import (
"github.com/pulumi/pulumi-postgresql/sdk/v3/go/postgresql"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := postgresql.NewGrant(ctx, "readonlyTables", &postgresql.GrantArgs{
Database: pulumi.String("test_db"),
ObjectType: pulumi.String("table"),
Objects: pulumi.StringArray{
pulumi.String("table1"),
pulumi.String("table2"),
},
Privileges: pulumi.StringArray{
pulumi.String("SELECT"),
},
Role: pulumi.String("test_role"),
Schema: pulumi.String("public"),
})
if err != nil {
return err
}
_, err = postgresql.NewGrant(ctx, "readInsertColumn", &postgresql.GrantArgs{
Columns: pulumi.StringArray{
pulumi.String("col1"),
pulumi.String("col2"),
},
Database: pulumi.String("test_db"),
ObjectType: pulumi.String("column"),
Objects: pulumi.StringArray{
pulumi.String("table1"),
},
Privileges: pulumi.StringArray{
pulumi.String("UPDATE"),
pulumi.String("INSERT"),
},
Role: pulumi.String("test_role"),
Schema: pulumi.String("public"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.postgresql.Grant;
import com.pulumi.postgresql.GrantArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var readonlyTables = new Grant("readonlyTables", GrantArgs.builder()
.database("test_db")
.objectType("table")
.objects(
"table1",
"table2")
.privileges("SELECT")
.role("test_role")
.schema("public")
.build());
var readInsertColumn = new Grant("readInsertColumn", GrantArgs.builder()
.columns(
"col1",
"col2")
.database("test_db")
.objectType("column")
.objects("table1")
.privileges(
"UPDATE",
"INSERT")
.role("test_role")
.schema("public")
.build());
}
}
resources:
# Grant SELECT privileges on 2 tables
readonlyTables:
type: postgresql:Grant
properties:
database: test_db
objectType: table
objects:
- table1
- table2
privileges:
- SELECT
role: test_role
schema: public
# Grant SELECT & INSERT privileges on 2 columns in 1 table
readInsertColumn:
type: postgresql:Grant
properties:
columns:
- col1
- col2
database: test_db
objectType: column
objects:
- table1
privileges:
- UPDATE
- INSERT
role: test_role
schema: public
Examples
Revoke default accesses for public schema:
import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";
const revokePublic = new postgresql.Grant("revokePublic", {
database: "test_db",
objectType: "schema",
privileges: [],
role: "public",
schema: "public",
});
import pulumi
import pulumi_postgresql as postgresql
revoke_public = postgresql.Grant("revokePublic",
database="test_db",
object_type="schema",
privileges=[],
role="public",
schema="public")
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using PostgreSql = Pulumi.PostgreSql;
return await Deployment.RunAsync(() =>
{
var revokePublic = new PostgreSql.Grant("revokePublic", new()
{
Database = "test_db",
ObjectType = "schema",
Privileges = new[] {},
Role = "public",
Schema = "public",
});
});
package main
import (
"github.com/pulumi/pulumi-postgresql/sdk/v3/go/postgresql"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := postgresql.NewGrant(ctx, "revokePublic", &postgresql.GrantArgs{
Database: pulumi.String("test_db"),
ObjectType: pulumi.String("schema"),
Privileges: pulumi.StringArray{},
Role: pulumi.String("public"),
Schema: pulumi.String("public"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.postgresql.Grant;
import com.pulumi.postgresql.GrantArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var revokePublic = new Grant("revokePublic", GrantArgs.builder()
.database("test_db")
.objectType("schema")
.privileges()
.role("public")
.schema("public")
.build());
}
}
resources:
revokePublic:
type: postgresql:Grant
properties:
database: test_db
objectType: schema
privileges: []
role: public
schema: public
Create Grant Resource
new Grant(name: string, args: GrantArgs, opts?: CustomResourceOptions);@overload
def Grant(resource_name: str,
opts: Optional[ResourceOptions] = None,
columns: Optional[Sequence[str]] = None,
database: Optional[str] = None,
object_type: Optional[str] = None,
objects: Optional[Sequence[str]] = None,
privileges: Optional[Sequence[str]] = None,
role: Optional[str] = None,
schema: Optional[str] = None,
with_grant_option: Optional[bool] = None)
@overload
def Grant(resource_name: str,
args: GrantArgs,
opts: Optional[ResourceOptions] = None)func NewGrant(ctx *Context, name string, args GrantArgs, opts ...ResourceOption) (*Grant, error)public Grant(string name, GrantArgs args, CustomResourceOptions? opts = null)type: postgresql:Grant
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GrantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GrantArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GrantArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GrantArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GrantArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Grant Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Grant resource accepts the following input properties:
- Database string
The database to grant privileges on for this role.
- Object
Type string The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- Privileges List<string>
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- Role string
The name of the role to grant privileges on, Set it to "public" for all roles.
- Columns List<string>
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- Objects List<string>
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- Schema string
The database schema to grant privileges on for this role (Required except if object_type is "database")
- With
Grant boolOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- Database string
The database to grant privileges on for this role.
- Object
Type string The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- Privileges []string
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- Role string
The name of the role to grant privileges on, Set it to "public" for all roles.
- Columns []string
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- Objects []string
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- Schema string
The database schema to grant privileges on for this role (Required except if object_type is "database")
- With
Grant boolOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- database String
The database to grant privileges on for this role.
- object
Type String The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- privileges List<String>
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role String
The name of the role to grant privileges on, Set it to "public" for all roles.
- columns List<String>
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- objects List<String>
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- schema String
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with
Grant BooleanOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- database string
The database to grant privileges on for this role.
- object
Type string The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- privileges string[]
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role string
The name of the role to grant privileges on, Set it to "public" for all roles.
- columns string[]
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- objects string[]
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- schema string
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with
Grant booleanOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- database str
The database to grant privileges on for this role.
- object_
type str The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- privileges Sequence[str]
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role str
The name of the role to grant privileges on, Set it to "public" for all roles.
- columns Sequence[str]
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- objects Sequence[str]
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- schema str
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with_
grant_ booloption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- database String
The database to grant privileges on for this role.
- object
Type String The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- privileges List<String>
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role String
The name of the role to grant privileges on, Set it to "public" for all roles.
- columns List<String>
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- objects List<String>
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- schema String
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with
Grant BooleanOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
Outputs
All input properties are implicitly available as output properties. Additionally, the Grant resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing Grant Resource
Get an existing Grant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GrantState, opts?: CustomResourceOptions): Grant@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
columns: Optional[Sequence[str]] = None,
database: Optional[str] = None,
object_type: Optional[str] = None,
objects: Optional[Sequence[str]] = None,
privileges: Optional[Sequence[str]] = None,
role: Optional[str] = None,
schema: Optional[str] = None,
with_grant_option: Optional[bool] = None) -> Grantfunc GetGrant(ctx *Context, name string, id IDInput, state *GrantState, opts ...ResourceOption) (*Grant, error)public static Grant Get(string name, Input<string> id, GrantState? state, CustomResourceOptions? opts = null)public static Grant get(String name, Output<String> id, GrantState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Columns List<string>
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- Database string
The database to grant privileges on for this role.
- Object
Type string The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- Objects List<string>
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- Privileges List<string>
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- Role string
The name of the role to grant privileges on, Set it to "public" for all roles.
- Schema string
The database schema to grant privileges on for this role (Required except if object_type is "database")
- With
Grant boolOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- Columns []string
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- Database string
The database to grant privileges on for this role.
- Object
Type string The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- Objects []string
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- Privileges []string
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- Role string
The name of the role to grant privileges on, Set it to "public" for all roles.
- Schema string
The database schema to grant privileges on for this role (Required except if object_type is "database")
- With
Grant boolOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- columns List<String>
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- database String
The database to grant privileges on for this role.
- object
Type String The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- objects List<String>
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- privileges List<String>
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role String
The name of the role to grant privileges on, Set it to "public" for all roles.
- schema String
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with
Grant BooleanOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- columns string[]
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- database string
The database to grant privileges on for this role.
- object
Type string The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- objects string[]
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- privileges string[]
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role string
The name of the role to grant privileges on, Set it to "public" for all roles.
- schema string
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with
Grant booleanOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- columns Sequence[str]
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- database str
The database to grant privileges on for this role.
- object_
type str The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- objects Sequence[str]
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- privileges Sequence[str]
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role str
The name of the role to grant privileges on, Set it to "public" for all roles.
- schema str
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with_
grant_ booloption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
- columns List<String>
The columns upon which to grant the privileges. Required when
object_typeiscolumn. You cannot specify this option if theobject_typeis notcolumn.- database String
The database to grant privileges on for this role.
- object
Type String The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
- objects List<String>
The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the
object_typeisdatabaseorschema. Whenobject_typeiscolumn, only one value is allowed.- privileges List<String>
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
- role String
The name of the role to grant privileges on, Set it to "public" for all roles.
- schema String
The database schema to grant privileges on for this role (Required except if object_type is "database")
- with
Grant BooleanOption Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
Package Details
- Repository
- PostgreSQL pulumi/pulumi-postgresql
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
postgresqlTerraform Provider.