-
Notifications
You must be signed in to change notification settings - Fork 46
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
10391 - improving the create user script
- Loading branch information
1 parent
25e0c71
commit 7308a18
Showing
6 changed files
with
63 additions
and
68 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
|
|
||
|
|
||
| # Steps to Deploy | ||
|
|
||
| 1. update the environment secrets (aws secrets manager), to include the following | ||
| - POSTGRES_USER ${ENV}_dawson | ||
| - DATABASE_NAME ${ENV}_dawson | ||
| - POSTGRES_MASTER_USERNAME master | ||
| - POSTGRES_MASTER_PASSWORD ${GENERATE_A_SECURE_PASS} | ||
| - (optional) RDS_MAX_CAPACITY 1 | ||
| - (optional) RDS_MIN_CAPACITY 0.5 | ||
| 2. source scripts/env/set-env.zsh ${ENV} | ||
| 3. npm run deploy:allColors ${ENV} | ||
| - this will create the rds cluster with the master username and password | ||
| 4. create the database users | ||
| - look up rds endpoint for the writer instance | ||
| - cd scripts/postgres && DB_HOST=${REPLACE_WITH_RDS_HOST} ./create-rds-users.sh | ||
| 5. merge PR into your environment and run a deployment. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| create-users-generated.sql |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| #!/bin/bash | ||
|
|
||
| # set DB_HOST before running on your environment | ||
| # source your ENV before running this script with the correct environment. | ||
|
|
||
| GENERATED_SQL_FILE="create-users-generated.sql" | ||
| sed "s/ENVREPLACEME/${ENV}/g;" create-users.sql > $GENERATED_SQL_FILE | ||
| PGPASSWORD=$POSTGRES_MASTER_PASSWORD psql -h $DB_HOST -U $POSTGRES_MASTER_USERNAME -d $DATABASE_NAME -f $GENERATED_SQL_FILE |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| -- RUN BOTH OF THESE STATEMENTS IN SQL AFTER RDS CLUSTER IS CREATED | ||
|
|
||
| CREATE USER ENVREPLACEME_dawson WITH LOGIN; | ||
| GRANT rds_iam TO ENVREPLACEME_dawson; | ||
| GRANT CONNECT ON DATABASE ENVREPLACEME_dawson TO ENVREPLACEME_dawson; | ||
| GRANT USAGE ON SCHEMA public TO ENVREPLACEME_dawson; | ||
| GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO ENVREPLACEME_dawson; | ||
| GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO ENVREPLACEME_dawson; | ||
| GRANT CREATE ON SCHEMA public TO ENVREPLACEME_dawson; | ||
| ALTER DEFAULT PRIVILEGES IN SCHEMA public | ||
| GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO ENVREPLACEME_dawson; | ||
| ALTER DEFAULT PRIVILEGES IN SCHEMA public | ||
| GRANT USAGE, SELECT ON SEQUENCES TO ENVREPLACEME_dawson; | ||
|
|
||
| CREATE USER ENVREPLACEME_developers WITH LOGIN; | ||
| GRANT rds_iam TO ENVREPLACEME_developers; | ||
| GRANT CONNECT ON DATABASE ENVREPLACEME_dawson TO ENVREPLACEME_developers; | ||
| GRANT USAGE ON SCHEMA public TO ENVREPLACEME_developers; | ||
| GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO ENVREPLACEME_developers; | ||
| GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO ENVREPLACEME_developers; | ||
| GRANT CREATE ON SCHEMA public TO ENVREPLACEME_developers; | ||
| ALTER DEFAULT PRIVILEGES IN SCHEMA public | ||
| GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO ENVREPLACEME_developers; | ||
| ALTER DEFAULT PRIVILEGES IN SCHEMA public | ||
| GRANT USAGE, SELECT ON SEQUENCES TO ENVREPLACEME_developers; | ||
|
|
||
|
|
||
| -- super admin privileges | ||
| -- CREATE USER kswann WITH LOGIN; | ||
| -- GRANT rds_iam TO kswann; | ||
| -- GRANT ALL PRIVILEGES ON DATABASE exp4_dawson TO kswann; | ||
| -- GRANT ALL PRIVILEGES ON SCHEMA public TO kswann; | ||
| -- GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO kswann; | ||
| -- GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO kswann; | ||
| -- GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO kswann; | ||
| -- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO kswann; |