Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User provisioning interface enhancement #34

Closed
Vonng opened this issue Feb 27, 2021 · 0 comments
Closed

User provisioning interface enhancement #34

Vonng opened this issue Feb 27, 2021 · 0 comments
Assignees
@Vonng
Labels
ENHANCEMENT New feature or request
Milestone
v0.7

Comments

@Vonng
Copy link
Owner

Vonng commented Feb 27, 2021
edited
Loading

Upgrade user creation interface to support complete features.

Current interface:

pg_users:
  - username: test                  # example production user have read-write access
    password: test                  # example user's password
    options: LOGIN                  # extra options
    groups: [ dbrole_readwrite ]    # dborole_admin|dbrole_readwrite|dbrole_readonly
    comment: default test user for production usage
    pgbouncer: true                 # add to pgbouncer

Proposed interface

Which include complete customizable options for postgres user/role.

pg_users:
  # complete example of user/role definition for production user
  - name: dbuser_meta               # example production user have read-write access
    password: DBUser.Meta           # example user's password, can be encrypted
    login: true                     # can login, true by default (should be false for role)
    superuser: false                # is superuser? false by default
    createdb: false                 # can create database? false by default
    createrole: false               # can create role? false by default
    inherit: true                   # can this role use inherited privileges?
    replication: false              # can this role do replication? false by default
    bypassrls: false                # can this role bypass row level security? false by default
    connlimit: -1                   # connection limit, -1 disable limit
    expire_at: '2030-12-31'         # 'timestamp' when this role is expired
    expire_in: 365                  # now + n days when this role is expired (OVERWRITE expire_at)
    roles: [dbrole_readwrite]       # dborole_admin|dbrole_readwrite|dbrole_readonly
    pgbouncer: true                 # add this user to pgbouncer? false by default (true for production user)
    parameters:                     # user's default search path
      search_path: public
    comment: test user
@Vonng Vonng added the ENHANCEMENT New feature or request label Feb 27, 2021
@Vonng Vonng added this to the 0.7 milestone Feb 27, 2021
@Vonng Vonng self-assigned this Feb 27, 2021
@Vonng Vonng changed the title User creation interface upgrade User provisioning interface enhancement Feb 27, 2021
@Vonng Vonng closed this as completed Mar 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Vonng Vonng

Labels
ENHANCEMENT New feature or request
Projects
None yet
Milestone
v0.7
Development

No branches or pull requests
1 participant
@Vonng