Currently we only grant permissions to roles. In the future, we'd like to create roles and then grant these roles to members. For example,
Create the following roles without passwords and without the ability to login,
Create the following roles with passwords + login permissions,
- app
- app-ro
- engineering-ro
Grant
- role-write to app
- role-readonly to [app-ro, engineering-ro]
This will require adding postgresql_grant_role to main.tf and creating a way for some type of variable expression to direct granting roles to users.
Currently we only grant permissions to roles. In the future, we'd like to create roles and then grant these roles to members. For example,
Create the following roles without passwords and without the ability to login,
Create the following roles with passwords + login permissions,
Grant
This will require adding postgresql_grant_role to main.tf and creating a way for some type of variable expression to direct granting roles to users.