Closed seqizz closed 1 year ago
Thanks a lot :)
So I am not sure what privileges exactly it is missing currently.
I think you tried to give permission on the varaious schema so that the user declared for that remove server can successfully call the various functions. Unfortunately pg_stat_statements has a 2nd layer of security, as the query string (and the query id) could in theory leak some information. The documentation is far from perfect on that point (and it's in my plan to overhaul the whole security side documentation of powa), but you can already refer to https://powa.readthedocs.io/en/latest/security.html#required-privileges-on-remote-servers for most of it. As noted there, if you're using pg 10 or later (and I hope you're since pg10 is already EOL), what you need is to give pg_read_all_stats privilege on each remote server for the role configured on powa-collector to connect on that server.
Oh, well thanks for the insta-answer :)
Yep, missing privilege seem to be it. Now it works without any errors/warnings. Sorry for wasting your time, since it should be already clear on documentation.
Great news! And no worries, the documentation clearly needs some improvements!
Hi,
I'm trying to set up remote powa, but got following error:
Which is either a table structure issue, or I am missing something on the remote target (not getting any permission issues on there, according to logs). When I run
select public.powa_statements_src(0);
manually on the target, I get the result but it has stuff like:So I am not sure what privileges exactly it is missing currently.
Also thanks for the effort! :rocket: