database specific pg_read_all_data / pg_write_all_data

From: richard coleman <rcoleman(dot)ascentgl(at)gmail(dot)com>
To: Pgsql-admin <pgsql-admin(at)lists(dot)postgresql(dot)org>
Subject: database specific pg_read_all_data / pg_write_all_data
Date: 2025-12-09 21:13:11
Message-ID: CAGA3vBug6Sq_XYLxzmY470WFS6Z3OF28goYzX=QHrCc4hgQSDw@mail.gmail.com
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgsql-admin

In PostgreSQL 16+ the built in roles such as pg_read_all_data
and pg_write_all_data are a welcome addition to permission setting in
PostgreSQL.

Unfortunately they appear to be server-wide roles.

Woud it be possible to have roles like these that are database specific?

If there are 100 databases on a server, it would be extremely helpful to be
able to do something like:

*grant *pg_read_all_data* on database *foo* to *user_role*;*

Otherwise these roles are unusable from a practical stand point on servers
with multiple unrelated databases.

Thanks for the help,
rik.

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Ron Johnson 2025-12-09 22:45:58 Re: database specific pg_read_all_data / pg_write_all_data
Previous Message Devrim Gündüz 2025-12-09 19:49:33 Re: Can't update RPM package to latest version