Heya,
Just preparing to start exploring Render Postgresql for the first time and wondering what types of permissions would need to be set on a new database?
i.e. What permissions does the new user have when you create a database.
Is it a superuser, and therefore would you need to take care of the majority of permissions administration for the database? Or, is it a user with less privileges?
Hi there,
Thanks for reaching out.
Render Postgres is a managed service, so you don’t have superuser access. Is there a particular permission you looking for/running up against?
Thanks
Alan
Thanks Alan, good to know.
No issues at all, literally just exploring/understanding before using.
Some advice you see in terms of security best practices is along the lines of…
REVOKE ALL ON DATABASE mydb FROM PUBLIC;
REVOKE ALL ON SCHEMA public FROM PUBLIC;
Then create separate roles for app_admin and app_user and GRANT least permissions selectively to these roles.
My assumption is that the new user you get when creating a new database in Render is essentially a kind of app_admin user.
Yes, the default user will have a lot of privileges, but it’s not a superuser. You’d likely want to retain the default as an admin-like user and create others with less permission as required for your use-case.
Alan
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.