terraform-provider-postgresql icon indicating copy to clipboard operation
terraform-provider-postgresql copied to clipboard

Published 20 hours ago verified publisher icon cyrilgdn

grant create on database userdb to customrole;

Open uwebartels opened this issue 3 years ago • 1 comments

Hi,

I really appreciate the postgres provider. I need to grant the create a privilege to a role in a database like this: grant create on database userdb to customrole; The resource postgresql_grant seeemed to be the right one.

resource "postgresql_grant" "grant" {
  database    = "userdb"
  role        = "customrole"
  # object_type = "schema"
  privileges  = ["CREATE"]
}

I need to specify an object type what I don't need in my grant statement. And when I specify "schema" as object_type I need to specify the parameter schema.

So from my perspective this kind of grant statement is not supported or I don't see how to apply this with terraform. Please help.

Terraform Version

1.1.6

Affected Resource(s)

postgresql_grant

uwebartels avatar Jul 21 '22 12:07 uwebartels

can confirm this is still an issue; attempted to do this today via the following:

locals {
  shared_db_user       = "myuser"
  env_list             = ["prod", "test"]
}

...

resource "postgresql_grant" "database" {
  for_each    = toset(local.env_list)
  database    = "mydb_${each.value}"
  role        = local.shared_db_user
  object_type = "database"
  privileges  = ["CREATE"]
}

and basically, it appears to die silently in the background without triggering an error condition, as terraform apply itself reports this as a success. Of note while running TF_LOG=DEBUG mode:

2022-09-06T12:11:00.675-0400 [INFO] provider.terraform-provider-postgresql_v1.17.1: 2022/09/06 12:11:00 [DEBUG]: sql: transaction has already been committed or rolled back: timestamp=2022-09-06T12:11:00.675-0400 and 2022-09-06T12:11:00.680-0400 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"

i suspect the generated syntax is incorrect? when i run the equivalent statement in pgsql, e.g.

grant create on database mydb_test to myuser;

it operates as expected, and a terraform plan at that point no longer shows the grant as outstanding.

Hope this helps; it's currently providing a moderate obstruction to a project i'm on.

Thanks.

plugin version: 1.17.1 terraform version: 1.1.7

jmacnett avatar Sep 06 '22 16:09 jmacnett