Skip to content
This repository was archived by the owner on Nov 14, 2020. It is now read-only.
This repository was archived by the owner on Nov 14, 2020. It is now read-only.

Grant pg_read_server_files without superuser #141

Open
@siwon

Description

@siwon

Hi,

I get an error when I try to add a user to the group role pg_read_server_files without superuser access.
When I run the command GRANT "username" TO pg_read_server_files; manually, there is no problem but when I use postgresql_role I have a permission denied error.
In both case I use the same user to connect to the database which is not superuser.

Terraform Version

Terraform v0.12.24

Affected Resource(s)

Please list the resources as a list, for example:

  • postgresql_role

Terraform Configuration Files

provider "postgresql" {
  version = "~> 1.6"

  host            = *********************
  port            = *********************
  database        = *********************
  username        = *********************
  password        = *********************
  sslmode         = "require"
  expected_version = *********************
  connect_timeout = *********************
  superuser = false
}


resource "postgresql_role" "user" {
  name     = "user_name"
  login    = true
  password = "password"
  
  roles = [
    "pg_read_server_files"
  ]
}

Debug Output

Error: could not grant role pg_read_server_files to username: pq: only superusers can grant role "pg_read_server_files"

Expected Behavior

It should add the user to the group role pg_read_server_files.

Actual Behavior

I have a permission denied error.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform apply

Important Factoids

This scenario is running on Azure PostgreSQL database so I don't have access to superuser account...

Thanks for your help.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions