How to manage user privileges in PostgreSQL cluster with multiple databases/users?

Posted on May 17, 2020
DigitalOcean Managed PostgreSQL Database PostgreSQL
Asked by slig

I want to use a single Managed PostgreSQL cluster from DO to host multiple applications (since they’re all small, there’s no need to have a unique cluster per app).

From what I’ve gathered, permissions and user privileges on Postgres are quite complicated.

For instance, supposed I have a user named production_user and a database called mydatabase_prod. I want only this user to have permission to access and modify this database.

Is this the minimum that should be done or am I missing something obvious?

ALTER DATABASE mydabase_prod OWNER TO production_user;
REVOKE ALL ON DATABASE mydabase_prod FROM PUBLIC;
GRANT CONNECT ON DATABASE mydabase_prod TO production_user;
GRANT ALL ON DATABASE mydabase_prod TO production_user;

Thanks in advance!

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

abearfield

DigitalOcean Employee

• May 19, 2020

Accepted Answer

Hey @slig -

This syntax should work perfectly!

Cheers!