On Saturday, May 18, 2024, Edwin UY <
edwin.uy@gmail.com> wrote:
Hi
Is there no other option to grant a user ALTER TABLE privilege except doing the grant <owner> to <user>/<role> :-)
I can understand it is not really ideal to grant access for the user to do ALTER TABLE, this is mainly for the TEST environment while the developers are doing their testing.
For Qual and PROD, it will be restricted to either the owner or users with superuser privileges.
Any advice is much appreciated. Thanks in advance.
Users, i.e., roles with login attribute, should not be given direct ownership. Group roles should be given ownership. Then in each database the users can be added as members of those group roles, or not, as needed. Or, on a developer’s machine where they are actually writing code, they just get superuser. But for all other environments they stash the alter commands they need into the schema migration tool scripts in the VCS and the schema migration tool logs on using a role granted member in the owning role and runs the scripts.
David H.
