The postgres_privileges module is used to manage Postgres privileges. Privileges can be set as either absent or present.
Privileges can be set on the following database object types:
- database
- schema
- tablespace
- table
- sequence
- language
- group
Setting the grant option is supported as well.
New in version 2016.3.0.
    # Grant SELECT, INSERT and DELETE on table public.awl to role baruwa
    baruwa:
      postgres_privileges.present:
        - object_name: awl
        - object_type: table
        - privileges:
          - SELECT
          - INSERT
          - DELETE
        - grant_option: False
        - prepend: public
        - maintenance_db: testdb

    # Add role andrew to the group admins
    andrew:
      postgres_privileges.present:
        - object_name: admins
        - object_type: group
        - grant_option: False
        - maintenance_db: testdb

    # Revoke SELECT, INSERT and DELETE on table public.awl from role baruwa
    baruwa:
      postgres_privileges.absent:
        - object_name: awl
        - object_type: table
        - privileges:
          - SELECT
          - INSERT
          - DELETE
        - prepend: public
        - maintenance_db: testdb

    # Remove role andrew from the group admins
    andrew:
      postgres_privileges.absent:
        - object_name: admins
        - object_type: group
        - maintenance_db: testdb

postgres_privileges.absent

Revoke the requested privilege(s) on the specified object(s).

name
    Name of the role whose privileges should be revoked
object_name
    Name of the object on which the revoke is to be performed
object_type
    The object type, which can be one of the following:
    - table
    - sequence
    - schema
    - tablespace
    - language
    - database
    - group
    - function
    View permissions should specify object_type: table.
privileges
    Comma separated list of privileges to revoke, from the list below:
    - INSERT
    - CREATE
    - TRUNCATE
    - CONNECT
    - TRIGGER
    - SELECT
    - USAGE
    - TEMPORARY
    - UPDATE
    - EXECUTE
    - REFERENCES
    - DELETE
    - ALL
    Privileges should not be set when revoking group membership.
prepend
    Table and Sequence object types live under a schema so this should be provided if the object is not under the default public schema
maintenance_db
    The name of the database in which the language is to be installed
user
    System user all operations should be performed on behalf of
db_user
    database username if different from config or default
db_password
    user password if any password for a specified user
db_host
    Database host if different from config or default
db_port
    Database port if different from config or default

postgres_privileges.present

Grant the requested privilege(s) on the specified object to a role.

name
    Name of the role to which privileges should be granted
object_name
    Name of the object on which the grant is to be performed. 'ALL' may be used for objects of type 'table' or 'sequence'.
object_type
    The object type, which can be one of the following:
    - table
    - sequence
    - schema
    - tablespace
    - language
    - database
    - group
    - function
    View permissions should specify object_type: table.
privileges
    List of privileges to grant, from the list below:
    - INSERT
    - CREATE
    - TRUNCATE
    - CONNECT
    - TRIGGER
    - SELECT
    - USAGE
    - TEMPORARY
    - UPDATE
    - EXECUTE
    - REFERENCES
    - DELETE
    - ALL
    Privileges should not be set when granting group membership.
grant_option
    If grant_option is set to True, the recipient of the privilege can in turn grant it to others
prepend
    Table and Sequence object types live under a schema so this should be provided if the object is not under the default public schema
maintenance_db
    The name of the database in which the language is to be installed
user
    System user all operations should be performed on behalf of
db_user
    database username if different from config or default
db_password
    user password if any password for a specified user
db_host
    Database host if different from config or default
db_port
    Database port if different from config or default
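
A lint pass over parsed state data that flags the cases this page singles out: privileges set on a group, grant_option set to True, ALL, and values outside the listed object types and privileges. This is an added example, not part of the Salt project's code; audit_sls, SAMPLE_SLS and the reporting role are hypothetical names, and it assumes each state body is a dict mapping the state function to its argument list.

```python
# Added example: lint parsed Salt SLS data for postgres_privileges states.
OBJECT_TYPES = {"table", "sequence", "schema", "tablespace", "language",
                "database", "group", "function"}
PRIVILEGES = {"INSERT", "CREATE", "TRUNCATE", "CONNECT", "TRIGGER", "SELECT",
              "USAGE", "TEMPORARY", "UPDATE", "EXECUTE", "REFERENCES",
              "DELETE", "ALL"}

def audit_sls(sls):
    """Return sorted (state_id, finding) pairs for postgres_privileges states."""
    findings = []
    for state_id, body in sls.items():
        for func, args in body.items():
            if not func.startswith("postgres_privileges."):
                continue
            # State arguments arrive as a list of single-key dicts; merge them.
            opts = {k: v for item in args for k, v in item.items()}
            otype = opts.get("object_type")
            privs = opts.get("privileges") or []
            if isinstance(privs, str):  # comma separated form
                privs = privs.split(",")
            privs = [str(p).strip().upper() for p in privs]
            if otype not in OBJECT_TYPES:
                findings.append((state_id, f"unknown object_type {otype!r}"))
            findings += [(state_id, f"unknown privilege {p}")
                         for p in privs if p not in PRIVILEGES]
            if otype == "group" and privs:
                findings.append((state_id, "privileges set on group membership"))
            if func.endswith(".present"):
                if opts.get("grant_option") is True:
                    findings.append((state_id, "grant_option lets the role re-grant"))
                if "ALL" in privs:
                    findings.append((state_id, "ALL granted; list needed privileges"))
    return sorted(findings)

# Constructed sample input, shaped as yaml.safe_load() would return an SLS file.
SAMPLE_SLS = {
    "baruwa": {"postgres_privileges.present": [
        {"object_name": "awl"}, {"object_type": "table"},
        {"privileges": ["SELECT", "INSERT", "DELETE"]},
        {"grant_option": False}, {"prepend": "public"}]},
    "reporting": {"postgres_privileges.present": [  # hypothetical role
        {"object_name": "ALL"}, {"object_type": "table"},
        {"privileges": ["ALL"]}, {"grant_option": True}]},
    "andrew": {"postgres_privileges.present": [
        {"object_name": "admins"}, {"object_type": "group"},
        {"privileges": ["SELECT"]}]},
}
if __name__ == "__main__":
    print(*audit_sls(SAMPLE_SLS), sep="\n")
```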