Re: Feature Recommendations for Logical Subscriptions - Mailing list pgsql-hackers

On Tue, Apr 8, 2025 at 2:48 PM YeXiu <1518981153@qq.com> wrote:
>
> Business Scenario:
> The BI department requires real-time data from the operational database. In our current approach (on platform 14), we
createa separate database within our department's real-time backup instance, set up a logical replication account,
replicaterequired tables to this isolated database via logical replication, and then create a dedicated account with
column-levelpermissions on specific tables for the BI department. 
>
> Recommendations:
>
> 1、Column Filtering Functionality‌: During implementation, some tables may contain sensitive data or long fields
(e.g.,text columns), while other fields in these tables still need to be replicated to another database or instance.
Manuallyspecifying individual columns becomes cumbersome, especially for tables with many fields, and complicates
futurefield additions. We recommend adding a ‌column filtering feature‌ to logical replication to streamline this
process.
>

It would have been better if you could provide some examples. Let me
try to describe by example. We have a feature where users can specify
columns they want to replicate. For example: Create a publication that
publishes all changes for table users, but replicates only columns
user_id and firstname:
CREATE PUBLICATION users_filtered FOR TABLE users (user_id, firstname);

As per my understanding, you are expecting a feature where we can
specify columns that won't be replicated. For example say a table t1
has columns c1, c2, c3, ..., c10. Now, the user would like to
replicate all columns except c9 and c10, so he should be allowed to do
so by something like CREATE PUBLICATION users_filtered FOR TABLE t1
Except (c9, c10). Is that correct or you have something else in mind?

>
> 2、Logical Replication Account Permissions‌:
> Logical replication permissions should be decoupled from general database access permissions.
> Proposed workflow:
> Create a dedicated account with ‌logical replication privileges only‌.
> Create a logical replication slot and grant this account access ‌only to the authorized replication slot‌.
> This account would have no direct access to the database itself but could subscribe to and consume data from the
permittedreplication slot. 
> This approach allows securely providing the account to the BI department. They can subscribe to the replication slot
andperform downstream processing independently, without risking exposure of unauthorized data. 
>

We need to access catalog tables in the database while decoding
changes, so won't some interaction with database privileges still be
required?

BTW, are you planning to work on a patch on these proposals or you
expect someone else in the community to work on these proposals?

--
With Regards,
Amit Kapila.