On Wednesday, September 4, 2024, Muhammad Imtiaz <
imtiazpg712@gmail.com> wrote:
1. Create a role with specific permissions
CREATE ROLE rep_admin WITH LOGIN CREATEDB CREATEROLE REPLICATION;
List of roles
Role name | Attributes | Description
--------------------+------------------------------------------------------------+-------------
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS |
rep_admin | Create role, Create DB, Replication |
replication_expert | Cannot login
6.Examine the pg_roles table to confirm that the permissions for replication_expert have not been updated:
postgres=# SELECT rolname,rolinherit, rolcreaterole, rolcreatedb, rolcanlogin,rolreplication
FROM pg_roles where rolname in('rep_admin','replication_expert');;
rolname | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication
--------------------+------------+---------------+-------------+-------------+----------------
rep_admin | t | t | t | t | t
replication_expert | t | f | f | f | f
(2 rows)
Those are not permissions, they are attributes, and attributes are not inherited.
David J.