Question

Granting `pg_read_all_data` to a new user

I’m on a managed DO Postgres 14 cluster, and it has the pg_read_all_data role.

After creating a new user called backup using the DO interface, I tried to log in as doadmin and executing:

GRANT pg_read_all_data TO backup;

But I’m getting :

ERROR:  must have admin option on role "pg_read_all_data"

Since this pg_read_all_data is quite new, I couldn’t find anything about this error. Can anyone help me here?

Thanks!


Submit an answer
Answer a question...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
April 4, 2022

Hey @slig,

The doadmin user does not have the superuser so this is why you are getting that error. Basically, with the managed databases, users cannot access the superuser role, that is done as this is a managed service, and such actions are needed to maintain cluster stability.

What I could suggest is to reach out to our amazing support team who might be able to help you with granting the additional role:

https://www.digitalocean.com/support/

Though keep in mind that it is possible that it might be possible that the extra role can not be granted on a managed cluster.

If this is the case, you could try running your own Postgres instance where you would have full access:

https://www.digitalocean.com/community/tutorials/how-to-install-postgresql-on-ubuntu-20-04-quickstart

Hope that helps!

- Bobby.