Open joaocc opened 6 months ago
Hi @joaocc ,
It's not supported directly by the postgresql_role
resource but you can use the postgresql_grant_role
resource to define that, e.g. something like:
resource "postgresql_role" "t_read" {
name = "T_read"
}
resource "postgresql_grant_role" "admin_t_read" {
role = postgreql_role.t_read.name
grant_role = "T_admin"
with_admin_option = true
}
Let me know if it solves your question?
According to the documentation (https://registry.terraform.io/providers/cyrilgdn/postgresql/latest/docs/resources/postgresql_role), there doesn't seem to be a way to create a new ROLE and define an admin (or a set of admins) for that role. In PostgresSQL this is achieved with the
ADMIN
option onCREATE ROLE
https://www.postgresql.org/docs/current/sql-createrole.htmlAre there any plans to support this in this provider? If not, what is the recommended approach to set these on creation?
The real-world scenario here is that on a shared server, the
dba
account can create tenant specific rolesT_admin
/T_read
/T_write
, with the idea to haveT_admin
be able to manage memberships ofT_read
andT_write
Thanks!