Thread: Noinheritance with superuser
I have an RDS instance with the below configuration.
--
create role role1 login noinheritance;
grant rds_superuser to rdsdba;
grant rdsdba to role1
In this case role1 is able to do all administrative operations, without the need of switching to rdsdba.
Is this expected?
I do not find any document which says that inheritance does not work with roles which have superuser role granted to it. Note that rdsdba is not a superuser in itself, but only has a role which is superuser.
Thanks in advance.
saket bansal <saket.tcs@gmail.com> writes: > I have an RDS instance with the below configuration. > create role role1 login noinheritance; > grant rds_superuser to rdsdba; > grant rdsdba to role1 > In this case role1 is able to do all administrative operations, without the > need of switching to rdsdba. > Is this expected? rds_superuser is not a thing that exists in community Postgres. I'd suggest taking this question up with the Amazon RDS folk. regards, tom lane