Define PostgreSQL Roles
A role is an entity that can own database objects and have database privileges; a role can be considered a "user", a "group", or both depending on how it is used.
Roles are defined at the database cluster level. Hence, they are valid in all databases in the cluster.
Use the PostgreSQL Role Editor to define a role in a PostgreSQL physical model.
To define a PostgreSQL role
- In the Model Explorer, right-click Roles and click New.
An instance of Role is created.
- Right-click the instance and click Properties.
The PostgreSQL Role Editor opens.
- In the navigation grid, select the role that you want to define and work with the following options:
Click New on the toolbar to create a role. Use the Enter filter text box to filter a very large list of roles to quickly locate the one that you want to define.
- Name
Specifies the name of the role. Set the name of the role in this field.
- Generate
Generates SQL during forward engineering. Clear the check box if you do not want to generate SQL.
- On the PostgreSQL tab, work with the following options:
- Valid Until
Sets a date and time after which the role's password is no longer valid. If this clause is omitted the password will be valid for all time.
- Connection Limit
If role can log in, this specifies how many concurrent connections the role can make. -1 (the default) indicates that there is no limit.
- Can login
Specifies whether a role is allowed to log in. That is, whether the role can be given as the initial session authorization name during client connection.
- Inherits rights from parent roles
Specifies whether a role "inherits" the privileges of roles it is a member of. A role with the INHERIT attribute can automatically use whatever database privileges have been granted to all roles it is directly or indirectly a member of.
- Superuser
Specifies whether the new role is a superuser. A superuser can override all access restrictions within the database.
- Can Create DB
Indicates a role's ability to create databases.
- Can Create Roles
Indicates a role's ability to create new roles (that is, execute CREATE ROLE). A role with CREATEROLE privilege can also alter and drop other roles.
- Can initiate replication
Specifies whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. A role having the REPLICATION attribute is a privileged role, and should only be used on roles actually used for replication.
- (Optional) Click the Comment tab and enter any comments that you want to associate with the object.
- (Optional) Click the Where Used tab to view where the object is used within the model.
- (Optional) Click the UDPtab to work with user-defined properties for the object.
- (Optional) Click the Notestab to view and edit user notes.
- (Optional) Click the Extended Notes tab to view or edit user notes.
- Click Close.
The role is defined and the PostgreSQL Role Editor closes.
For more information, refer to PostgreSQL documentation.
Copyright © 2024 Quest Software, Inc. |