The postgres_users module is used to create and manage Postgres users.
frank:
postgres_user.present
salt.states.postgres_user.
absent
(name, user=None, maintenance_db=None, db_password=None, db_host=None, db_port=None, db_user=None)¶Ensure that the named user is absent
The username of the user to remove
System user all operations should be performed on behalf of
New in version 0.17.0.
database username if different from config or default
user password if any password for a specified user
Database host if different from config or default
Database port if different from config or default
salt.states.postgres_user.
present
(name, createdb=None, createroles=None, encrypted=None, superuser=None, replication=None, inherit=None, login=None, password=None, default_password=None, refresh_password=None, valid_until=None, groups=None, user=None, maintenance_db=None, db_password=None, db_host=None, db_port=None, db_user=None)¶Ensure that the named user is present with the specified privileges Please note that the user/group notion in postgresql is just abstract, we have roles, where users can be seens as roles with the LOGIN privilege and groups the others.
The name of the system user to manage.
Is the user allowed to create databases?
Is the user allowed to create other users?
Should the password be encrypted in the system catalog?
Should the group have login perm
Should the group inherit permissions
Should the new user be a "superuser"
Should the new user be allowed to initiate streaming replication
The system user's password. It can be either a plain string or a md5 postgresql hashed password:
'md5{MD5OF({password}{role}}'
If encrypted is None or True, the password will be automatically encrypted to the previous format if it is not already done.
The password used only when creating the user, unless password is set.
New in version 2016.3.0.
Password refresh flag
Boolean attribute to specify whether to password comparison check should be performed.
If refresh_password is True
, the password will be automatically
updated without extra password change check.
This behaviour makes it possible to execute in environments without superuser access available, e.g. Amazon RDS for PostgreSQL
A date and time after which the role's password is no longer valid.
A string of comma separated groups the user should be in
System user all operations should be performed on behalf of
New in version 0.17.0.
Postgres database username, if different from config or default.
Postgres user's password, if any password, for a specified db_user.
Postgres database host, if different from config or default.
Postgres database port, if different from config or default.