I think they mean the application connections from the UI to the backend, not backend SQL user login connection limits.
JAVA would be Hakari max_pool = 10 or something to that effect.
(I've been through this before), but you should check the requirement.
-----Original Message-----
From: Tom Lane <tgl@sss.pgh.pa.us>
Sent: Friday, February 16, 2024 1:36 PM
To: martin.nguyen@oracle.com
Cc: pgsql-bugs@lists.postgresql.org
Subject: [EXTERNAL] Re: BUG #18350: Modifying predefined roles' unlimited connections for VA STIG cybersecurity
checklist
PG Bug reporting form <noreply@postgresql.org> writes:
> We have identified an issue where predefined roles are not modifiable,
> however a Dept. of VA security checklist requires that no roles have
> unlimited connections. The Predefined roles have unlimited
> connections, is there a way to modify these?
Solution 1: explain to your compliance department that it's pointless to worry about the connection limit for a role
thatcan't log in.
Solution 2: do a manual UPDATE on pg_authid. This would have to be done over after any major-version upgrade, though.
regards, tom lane
