Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revisit Postgres DB user permissions, roles and groups #1576

Open
dandelany opened this issue Oct 3, 2024 · 0 comments
Open

Revisit Postgres DB user permissions, roles and groups #1576

dandelany opened this issue Oct 3, 2024 · 0 comments
Assignees
@Mythicaeda
Labels
database Anything related to the database refactor A code change that neither fixes a bug nor adds a feature soon Not quite next up, but soon

Comments

@dandelany
Copy link
Collaborator

Background

Per discussion with @Mythicaeda - our Postgres DB service doesn't really have proper user role/group access permissions. Currently each user or service that accesses the DB is given a role that is just their username. We'd like to be more intentional about these roles & groups to adhere to the principle of least privilege and to make future changes easier.

Requirements

  • Discuss & decide on the correct set of roles/groups to use for DB users & services which connect to the DB, & what permissions each role should have
  • Implement new roles/groups in the DB
  • Create a migration and/or script for users to migrate to the new DB structure/roles when they upgrade
@dandelany dandelany added refactor A code change that neither fixes a bug nor adds a feature database Anything related to the database labels Oct 3, 2024
@github-project-automation github-project-automation bot moved this to Todo in Aerie Oct 3, 2024
@dandelany dandelany added the soon Not quite next up, but soon label Oct 3, 2024
@dandelany dandelany mentioned this issue Oct 3, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Mythicaeda Mythicaeda

Labels
database Anything related to the database refactor A code change that neither fixes a bug nor adds a feature soon Not quite next up, but soon
Projects
Aerie
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dandelany @Mythicaeda