salt.states.postgres_privileges
Management of PostgreSQL Privileges
The postgres_privileges module is used to manage Postgres privileges. Privileges can be set as either absent or present.
Privileges can be set on the following database object types:
database
schema
tablespace
table
sequence
language
group
Setting the grant option is supported as well.
New in version 2016.3.0.
baruwa:
postgres_privileges.present:
- object_name: awl
- object_type: table
- privileges:
- SELECT
- INSERT
- DELETE
- grant_option: False
- prepend: public
- maintenance_db: testdb andrew:
postgres_privileges.present:
- object_name: admins
- object_type: group
- grant_option: False
- maintenance_db: testdb baruwa:
postgres_privileges.absent:
- object_name: awl
- object_type: table
- privileges:
- SELECT
- INSERT
- DELETE
- prepend: public
- maintenance_db: testdb andrew:
postgres_privileges.absent:
- object_name: admins
- object_type: group
- maintenance_db: testdb -
Revoke the requested privilege(s) on the specificed object(s)
- name
-
Name of the role whose privileges should be revoked
- object_name
-
Name of the object on which the revoke is to be performed
- object_type
-
The object type, which can be one of the following:
table
sequence
schema
tablespace
language
database
group
function
View permissions should specify object_type: table.
- privileges
-
Comma separated list of privileges to revoke, from the list below:
INSERT
CREATE
TRUNCATE
CONNECT
TRIGGER
SELECT
USAGE
TEMPORARY
UPDATE
EXECUTE
REFERENCES
DELETE
ALL
- note
-
privileges should not be set when revoking group membership
- prepend
-
Table and Sequence object types live under a schema so this should be provided if the object is not under the default public schema
- maintenance_db
-
The name of the database in which the language is to be installed
- user
-
System user all operations should be performed on behalf of
- db_user
-
database username if different from config or default
- db_password
-
user password if any password for a specified user
- db_host
-
Database host if different from config or default
- db_port
-
Database port if different from config or default
salt.states.postgres_privileges.absent(name, object_name, object_type, privileges=None, prepend='public', maintenance_db=None, user=None, db_password=None, db_host=None, db_port=None, db_user=None)
-
Grant the requested privilege(s) on the specified object to a role
- name
-
Name of the role to which privileges should be granted
- object_name
-
Name of the object on which the grant is to be performed. 'ALL' may be used for objects of type 'table' or 'sequence'.
- object_type
-
The object type, which can be one of the following:
table
sequence
schema
tablespace
language
database
group
function
View permissions should specify object_type: table.
- privileges
-
List of privileges to grant, from the list below:
INSERT
CREATE
TRUNCATE
CONNECT
TRIGGER
SELECT
USAGE
TEMPORARY
UPDATE
EXECUTE
REFERENCES
DELETE
ALL
- note
-
privileges should not be set when granting group membership
- grant_option
-
If grant_option is set to True, the recipient of the privilege can in turn grant it to others
- prepend
-
Table and Sequence object types live under a schema so this should be provided if the object is not under the default public schema
- maintenance_db
-
The name of the database in which the language is to be installed
- user
-
System user all operations should be performed on behalf of
- db_user
-
database username if different from config or default
- db_password
-
user password if any password for a specified user
- db_host
-
Database host if different from config or default
- db_port
-
Database port if different from config or default
salt.states.postgres_privileges.present(name, object_name, object_type, privileges=None, grant_option=None, prepend='public', maintenance_db=None, user=None, db_password=None, db_host=None, db_port=None, db_user=None)
© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/states/all/salt.states.postgres_privileges.html