On Wednesday, September 4, 2024, Muhammad Imtiaz <[email protected]>
wrote:
>
> 1. Create a role with specific permissions
>
> CREATE ROLE rep_admin WITH LOGIN CREATEDB CREATEROLE REPLICATION;
>
> List of roles
> Role name | Attributes
> | Description
> --------------------+---------------------------------------
> ---------------------+-------------
> postgres | Superuser, Create role, Create DB, Replication,
> Bypass RLS |
> rep_admin | Create role, Create DB, Replication
> |
> replication_expert | Cannot login
>
>
> 6.Examine the pg_roles table to confirm that the permissions for
> replication_expert have not been updated:
>
> postgres=# SELECT rolname,rolinherit, rolcreaterole, rolcreatedb,
> rolcanlogin,rolreplication
> FROM pg_roles where rolname in('rep_admin','replication_expert');;
> rolname | rolinherit | rolcreaterole | rolcreatedb |
> rolcanlogin | rolreplication
> --------------------+------------+---------------+----------
> ---+-------------+----------------
> rep_admin | t | t | t | t
> | t
> replication_expert | t | f | f | f
> | f
> (2 rows)
>
>
Those are not permissions, they are attributes, and attributes are not
inherited.
David J.
