Hi David (and others),
Thanks for the info about Public.
I should expound on my original email.
In our dev and test environments our admins (alice, bob, eve) are superusers. In production environments we'd like the admins to be read-only.
Is the Public role something I can leverage to achieve this desire?
Thanks for the help!
-m
On Sat, Oct 5, 2024 at 9:02 AM David G. Johnston <david.g.johnston@xxxxxxxxx> wrote:
On Saturday, October 5, 2024, Matt Zagrabelny <mzagrabe@xxxxxxxxx> wrote:Hello,I'd like to have a read-only user for all databases.I found the pg_read_all_data role predefined role, which I granted to my RO user:GRANT pg_read_all_data TO ro_user;...but I cannot connect to my database(s).I'd like to not have to iterate over all the databases and "GRANT CONNECT...".Is there a way to do this with just one GRANT or equivalent command?The pseudo-role Public exists for just this kind of thing. In fact, in a default installation it already is given connect privileges on all databases created by the bootstrap superuser.David J.
