Skip to content

No need to run GRANT postgres_exporter1 TO <MASTER_USER> in aws RDS? #611

Description

@richzw

Per doc

-- If deploying as non-superuser (for example in AWS RDS), uncomment the GRANT
-- line below and replace <MASTER_USER> with your root user.
-- GRANT postgres_exporter1 TO <MASTER_USER>;

However, I create one user for postgres_exporter without GRANT postgres_exporter1 TO <MASTER_USER> as below

CREATE OR REPLACE FUNCTION __tmp_create_user() returns void as $$
BEGIN
  IF NOT EXISTS (
          SELECT
          FROM   pg_catalog.pg_user
          WHERE  usename = 'postgres_exporter1') THEN
    CREATE USER postgres_exporter1;
  END IF;
END;
$$ language plpgsql;

SELECT __tmp_create_user();
DROP FUNCTION __tmp_create_user();

ALTER USER postgres_exporter1 WITH PASSWORD 'password';
ALTER USER postgres_exporter1 SET SEARCH_PATH TO pg_catalog;

GRANT CONNECT ON DATABASE postgres TO postgres_exporter1;

GRANT pg_monitor to postgres_exporter1;

And this user postgres_exporter could work well in postgres_exporter.

Should we think this operation GRANT postgres_exporter1 TO <MASTER_USER> is useless? Please correct us if something is wrong or anything missing?

PS: PostgreSQL 10 is used in our case

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions