/
postgres.html.md.erb
46 lines (31 loc) · 1.46 KB
/
postgres.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
---
breadcrumb: PCF Services
title: Known Issue with RDS for PostgreSQL with VMware Tanzu Service Broker for AWS
---
This topic describes an issue with object ownership for PostgreSQL when you use <%= vars.product_full %>.
When a developer binds a PostgreSQL service instance to an application, the broker
creates a distinct role with unique credentials. The broker ensures that all the
distinct roles are members of a group named `binding_group`.
Members of this group have full privileges to objects created by other members.
However, this does not include the ability to `DROP` or `ALTER` objects.
For more information about defining access privileges,
see [GRANT](https://www.postgresql.org/docs/9.6/sql-grant.html)
in the PostgreSQL documentation.
## <a id="create-object"></a> Create an object using the binding_group role
So that members of `binding_group` can `ALTER` or `DROP` an object,
you must assign the group's role before creating an object.
To do this, do the following:
1. Set your role to `binding_group`:
For example:
<pre class="terminal">
# SET ROLE binding_group;
</pre>
1. Create the object:
For example:
<pre class="terminal">
\# CREATE TABLE data
</pre>
After this is complete, you can continue with your actions to modify the object.
For more information about setting the current user identifier of the current session,
see [SET ROLE](https://www.postgresql.org/docs/9.6/sql-set-role.html)
in the PostgreSQL documentation.