Hellen Jiang <hjiang@federatedwireless.com> writes: > I have created readonly and readwrite roles with the following grants: however, readonly user does not have access to the new tables created by readwrite user. (readonly user has the access to new tables created by admin). > Any idea how I can grant the access to readonly to make sure it has the read access to NEW tables created by readwrite user?
The readwrite user (not the admin) would need to issue ALTER DEFAULT PRIVILEGES granting that.
Hi. I'm confused Tom. Why should it matter who created the new tables?
I'm also using DEFAULT PRIVILEGES, for the very reason they dynamically extend to newly created objects in the schema.
And I don't remember reading anything like what you imply. Could you please pinpoint in the doc where this would be explained?
DEFAULT PRIVILEGES only apply to DDLs made by the role who did the GRANT'ing?
In my case, the schema owner does both the granting and DDLs, so I guess I'll be OK.
I just want to make sure I understand the situation better. Thanks, --DD