Hi David (and others), Thanks for the info about Public.
I should expound on my original email. In our dev and test environments our admins (alice, bob, eve) are superusers. In production environments we'd like the admins to be read-only. Is the Public role something I can leverage to achieve this desire? Thanks for the help! -m On Sat, Oct 5, 2024 at 9:02 AM David G. Johnston <david.g.johns...@gmail.com> wrote: > On Saturday, October 5, 2024, Matt Zagrabelny <mzagr...@d.umn.edu> wrote: > >> Hello, >> >> I'd like to have a read-only user for all databases. >> >> I found the pg_read_all_data role predefined role, which I granted to my >> RO user: >> >> GRANT pg_read_all_data TO ro_user; >> >> ...but I cannot connect to my database(s). >> >> I'd like to not have to iterate over all the databases and "GRANT >> CONNECT...". >> >> Is there a way to do this with just one GRANT or equivalent command? >> > > > The pseudo-role Public exists for just this kind of thing. In fact, in a > default installation it already is given connect privileges on all > databases created by the bootstrap superuser. > > David J. > >
