generated from NOAA-OWP/owp-open-source-project-template
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This initial version of the db-pipeline branch includes the Viz RDS components that Corey setup (including RDS Bastion) as well as the DB-Pipeline Lambda functions (including small change to SNS). SmartSheet Card: https://app.smartsheetgov.com/sheets/FwqPVjGh6Qwv9GWh8hG35rj2Rr3g7RFMF3jcj4h1?rowId=7952738123310980
- Loading branch information
1 parent
95b7bc5
commit 3ea4b09
Showing
15 changed files
with
6,903 additions
and
3,014 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
-- ROLES | ||
|
||
CREATE ROLE nwm_viz_ro; | ||
ALTER ROLE nwm_viz_ro WITH INHERIT NOCREATEROLE NOCREATEDB LOGIN NOBYPASSRLS CONNECTION LIMIT 45 ENCRYPTED PASSWORD '${NWM_VIZ_RO}'; | ||
COMMENT ON ROLE rfc_fcst IS 'Read-write group role for the Viz databases'; | ||
|
||
CREATE ROLE rfc_fcst; | ||
ALTER ROLE rfc_fcst WITH INHERIT NOCREATEROLE NOCREATEDB NOLOGIN NOBYPASSRLS ENCRYPTED PASSWORD '${RFC_FCST}'; | ||
COMMENT ON ROLE rfc_fcst IS 'Read-write group role for the RFC Forecast databases'; | ||
|
||
CREATE ROLE rfc_fcst_ro_user; | ||
ALTER ROLE rfc_fcst_ro_user WITH INHERIT NOCREATEROLE NOCREATEDB LOGIN NOBYPASSRLS CONNECTION LIMIT 45 ENCRYPTED PASSWORD '${RFC_FCST_RO_USER}'; | ||
COMMENT ON ROLE rfc_fcst_ro_user IS 'Read-only user role for the RFC Forecast databases'; | ||
|
||
CREATE ROLE rfc_fcst_user; | ||
ALTER ROLE rfc_fcst_user WITH INHERIT NOCREATEROLE NOCREATEDB LOGIN NOBYPASSRLS ENCRYPTED PASSWORD '${RFC_FCST_USER}'; | ||
COMMENT ON ROLE rfc_fcst_user IS 'Read-write user role for the RFC Forecast databases'; | ||
|
||
CREATE ROLE location_ro_user; | ||
ALTER ROLE location_ro_user WITH INHERIT NOCREATEROLE NOCREATEDB LOGIN NOBYPASSRLS CONNECTION LIMIT 45 ENCRYPTED PASSWORD '${LOCATION_RO_USER}'; | ||
COMMENT ON ROLE location_ro_user IS 'Read-only user role for the Location databases'; | ||
|
||
CREATE ROLE wrds_svc_rw_user; | ||
ALTER ROLE wrds_svc_rw_user WITH INHERIT NOCREATEROLE NOCREATEDB NOLOGIN NOBYPASSRLS; | ||
COMMENT ON ROLE wrds_svc_rw_user IS 'Read-write user role for the Location databases'; | ||
|
||
-- GROUPS | ||
|
||
CREATE ROLE rfc_fcst_ro; | ||
ALTER ROLE rfc_fcst_ro WITH INHERIT NOCREATEROLE NOCREATEDB NOLOGIN NOBYPASSRLS; | ||
COMMENT ON ROLE rfc_fcst_ro IS 'Read-only group role for the RFC Forecast databases'; | ||
|
||
CREATE ROLE location_ro_user_grp; | ||
ALTER ROLE location_ro_user_grp WITH INHERIT NOCREATEROLE NOCREATEDB NOLOGIN NOBYPASSRLS; | ||
COMMENT ON ROLE location_ro_user_grp IS 'Read-only group role for the Location databases'; | ||
|
||
CREATE ROLE nwm_ro_user_grp; | ||
ALTER ROLE nwm_ro_user_grp WITH INHERIT NOCREATEROLE NOCREATEDB NOLOGIN NOBYPASSRLS; | ||
COMMENT ON ROLE nwm_ro_user_grp IS 'Read-only group role for the Location databases'; | ||
|
||
-- GROUP ASSIGNMENT | ||
|
||
GRANT rfc_fcst_ro TO rfc_fcst_ro_user ; | ||
GRANT rfc_fcst TO rfc_fcst_user ; | ||
GRANT rfc_fcst_ro TO nwm_viz_ro ; | ||
GRANT location_ro_user_grp TO location_ro_user ; | ||
|
Oops, something went wrong.