> On Nov 17, 2021, at 9:33 AM, Jeff Davis <[email protected]> wrote:
>
> Is GRANT a better fit here? That would allow more than one user to
> REFRESH, or ENABLE/DISABLE the same subscription. It wouldn't allow
> RENAME, but I don't see why we'd separate privileges for
> CREATE/DROP/RENAME anyway.
I don't think I answered this directly in my last reply.
GRANT *might* be part of some solution, but it is unclear to me how best to do
it. The various configuration parameters on subscriptions entail different
security concerns. We might take a fine-grained approach and create a
predefined role for each, or we might take a course-grained approach and create
a single pg_manage_subscriptions role which can set any parameter on any
subscription, or maybe just parameters on subscriptions that the role also
owns, or we might do something else, like burn some privilege bits and define
new privileges that can be granted per subscription rather than globally. (I
think that last one is a non-starter, but just mention it as an example of
another approach.)
—
Mark Dilger
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
