Greetings, * Timmy Siu (timmy.siu@xxxxxxx) wrote: > Now, my question is - > What is the Minimum Privilege of a pgsql Backup or Replication user? To perform a file-level backup of PostgreSQL, your OS user will need read access to all of the files in the data directory (you can use group privileges for that as of v11, as I recall), and then it'll need to be able to connect to PG as a user and be able to execute the pg_start_backup() and pg_stop_backup() functions (you can grant that access by issuing GRANT commands). Depending on your file-level backup solution (please do NOT roll your own...), you might also need to grant access to functions like pg_switch_wal() too. Check the documentation for the backup solution. We do not (yet, anyway.. maybe in v13) have a way to GRANT read access to all tables in a database to be able to perform a database-wide export of the dat (using pg_dump). For replication, you need to create a user with the 'replication' role attribute and configure pg_hba.conf to allow the client to connect to the replication database. Thanks, Stephen
Attachment:
signature.asc
Description: PGP signature
