Skip to content

Commit

Permalink
Update document for postgresql_default_privileges resource (#468)
Browse files Browse the repository at this point in the history
  • Loading branch information
@caodangtinh
caodangtinh authored and Felix Furrer committed Dec 3, 2024
1 parent 95d8d6d commit 0ff9f2b
Showing 1 changed file with 18 additions and 4 deletions.
22 changes: 18 additions & 4 deletions website/docs/r/postgresql_default_privileges.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,17 +28,31 @@ resource "postgresql_default_privileges" "read_only_tables" {

## Argument Reference

* `role` - (Required) The name of the role to which grant default privileges on.
* `role` - (Required) The role that will automatically be granted the specified privileges on new objects created by the owner.
* `database` - (Required) The database to grant default privileges for this role.
* `owner` - (Required) Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
* `owner` - (Required) Specifies the role that creates objects for which the default privileges will be applied.
* `schema` - (Optional) The database schema to set default privileges for this role.
* `object_type` - (Required) The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema).
* `privileges` - (Required) The list of privileges to apply as default privileges. An empty list could be provided to revoke all default privileges for this role.
* `privileges` - (Required) List of privileges (e.g., SELECT, INSERT, UPDATE, DELETE) to grant on new objects created by the owner. An empty list could be provided to revoke all default privileges for this role.


## Examples

Revoke default privileges for functions for "public" role:
### Grant default privileges for tables to "current_role" role:

```hcl
resource "postgresql_default_privileges" "grant_table_privileges" {
database = postgresql_database.example_db.name
role = "current_role"
owner = "owner_role"
schema = "public"
object_type = "table"
privileges = ["SELECT", "INSERT", "UPDATE"]
}
```
Whenever the `owner_role` creates a new table in the `public` schema, the `current_role` is automatically granted SELECT, INSERT, and UPDATE privileges on that table.

### Revoke default privileges for functions for "public" role:

```hcl
resource "postgresql_default_privileges" "revoke_public" {
Expand Down

0 comments on commit 0ff9f2b

Please sign in to comment.