Has the note:
See Section 22.214.171.124
details on how to configure access control between the subscription and the
But that section seems to describe authentication for physical, not
logical, replication. Those two no longer use the same access control
methods. For logical replication, the role has to have replication
attribute or be a superuser, but the role does not need to have replication
listed in the pg_hba.conf.
I think it would be better to instead reference:
And on that page, it says:
"The role used for the replication connection must have the REPLICATION
Should also say something like "or be a superuser". It is bit tedious to
say that everywhere, but the docs are supposed to be a bit tedious.