On 12/10/24 17:59, Felipe Matas wrote:
Hi all! I'm trying to build three postgres clusters (in different
servers), I'm thinking to use CITUS to make the data available across
the clusters, I'm checking the docs.
What I have not been able to found in any place, is how to handle the
permissions, I can use LDAP to handle the shared credentials across
the clusters, I have not experience with LDAP but is no problem with
learning :)
So, how can I handle the permissions? From what I have read, seems
LDAP only handle user/pass, is there any way to make all the clusters
to have the same permissions to the LDAP users?
In the time, I'll add more servers to this, so handle server by server
all the permissions to each user is not a nice way to handle it.
Probs this is already solved somehow, but I can't find it.
As you said, LDAP only deals with authentication not authorization.
If you want to implement security using PostgreSQL, then you will have
to replicate the DDL, GRANTS, memberships, etc
Thx!
