terraform-provider-postgresql icon indicating copy to clipboard operation
terraform-provider-postgresql copied to clipboard

Published 20 hours ago verified publisher icon cyrilgdn

postgresql_user_mapping not working for public

Open kudryk opened this issue 2 years ago • 1 comments

Hi there,

Thank you for opening an issue. Please provide the following information:

Terraform Version

  • docker image hashicorp/terraform:1.4
  • Installing cyrilgdn/postgresql v1.19.0...
  • Installed cyrilgdn/postgresql v1.19.0
  • Installed hashicorp/random v3.5.1 (signed by HashiCorp)
  • Installed hashicorp/aws v4.67.0 (signed by HashiCorp)

Affected Resource(s)

Please list the resources as a list, for example:

  • postgresql_user_mapping

I have successful created a remote server using terraform and have mapped 2 local users to remote users using postgresql_user_mapping. However, I am unable to map the local public user to a remote user.

If I map the public user in SQL succeeds but using postgres_user_mapping fails.

-- SQL: succeeds
CREATE USER MAPPING FOR PUBLIC SERVER ep_modules_db_staging OPTIONS (user 'tsds_read_only', password 'XYZ')

-- Terraform: fails
resource "postgresql_user_mapping" "staging_public" {
  server_name = postgresql_server.remote_staging_server.server_name
  user_name   = var.lab_public_username             # "public"
  options = {
    user = var.staging_readonly_username            # tsds_read_only
    password = var.staging_readonly_password   # XYZ
  }
}

When it fails, it's because it's trying to find a public role. It appears not to recognize public as a keyword for the underlying SQL command.

Plan: 1 to add, 0 to change, 0 to destroy.
postgresql_user_mapping.staging_public: Creating...
╷
│ Error: Could not create user mapping: pq: role "PUBLIC" does not exist
│ 
│   with postgresql_user_mapping.staging_public,
│   on fdw.tf line 43, in resource "postgresql_user_mapping" "staging_public":
│   43: resource "postgresql_user_mapping" "staging_public" {

kudryk avatar May 15 '23 19:05 kudryk

I think what's happening is that the code is trying to get a role named public instead of just passing the value of the user_name attribute. This works for real roles, but not public.

https://github.com/cyrilgdn/terraform-provider-postgresql/blob/c34742da8ad861b03e27e8aff4ab613990999aa0/postgresql/resource_postgresql_user_mapping.go#L63-L68

kinghuang avatar May 24 '23 20:05 kinghuang