首頁 > 開發者 > PostgreSQL
標籤:postgresql 安全層級
一、配置說明:
角色名稱:user01
1.user01許可權說明:
串連test資料庫,未授權時無法串連其它資料庫;
在指定schema,建立\查看\刪除表,查看schema中對象;
2.其它普通使用者:
無法串連test資料庫及schema(sales)中對象,需要授權;
二、操作步驟:
instance(執行個體級): role(角色)
$ psql postgres
postgres=# CREATE ROLE user01 LOGIN NOSUPERUSER NOCREATEDB;
2.database(資料庫級): CREATE(schemas) and CONNECT(database)
$ psql postgres
postgres=# CREATE DATABASE test;
postgres=# REVOKE ALL ON DATABASE test FROM public; -- 禁止其它普通role串連test
postgres=# GRANT CONNECT ON DATABASE test TO user01;
3.schema(架構級):
CREATE(put object into schema)
USAGE (allow us to actually look into a schema and see which objects are present).
$psql test
test=# REVOKE ALL ON SCHEMA public FROM public;-- 其它普通role無法串連test
test=# CREATE SCHEMA sales;
CREATE SCHEMA
test=# GRANT CREATE,USAGE ON SCHEMA sales TO user01; -- user01 可以在sales中建立、查看對象
GRANT
test=# \q
$ psql test -U user01
test=> CREATE TABLE sales.t_sales (id int4);
CREATE TABLE
4.table(表級): grant
預設user01建立、drop表和DML表內容
5.column(列級):grant
預設user01建立、drop表和DML列內容
本文出自 “yiyi” 部落格,請務必保留此出處http://heyiyi.blog.51cto.com/205455/1871200
postgresql 使用者安全配置
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
