Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: Resources for creating Schema and SQL User permissions #119

Open
TeodorStoyanov opened this issue May 30, 2023 · 2 comments
Open

Feature request: Resources for creating Schema and SQL User permissions #119

TeodorStoyanov opened this issue May 30, 2023 · 2 comments

Comments

@TeodorStoyanov
Copy link

TeodorStoyanov commented May 30, 2023
edited

Overview

I have the following limitation with the Terraform provider for CockroachDB. We are trying to automate the creation of Database, Schema, Users and User's permissions like GRANTS and DEFAULT PRIVILEGES. Unfortunately, the Provider currently supports only the creation of Database and SQL Users.

Issue

I have tried to create the resources with the PostgreSQL Provider but there are engine compatibility issues with this provider and CockroachDB. I am receiving the following errors when trying to create the schema and the permissions:

│ Error: Error reading schema: pq: incompatible COALESCE expressions: type "aclitem" does not exist
│ 
│   with module.apps["test-app-1-migration"].postgresql_schema.cockroachdb_schema[0],
│   on .terraform/modules/apps/cockroachdb.tf line 5, in resource "postgresql_schema" "cockroachdb_schema":
│    5: resource "postgresql_schema" "cockroachdb_schema" {

│ Error: could not get advisory lock for role test_app_1_migration: pq: unknown function: pg_advisory_xact_lock(): function undefined
│ 
│   with module.apps["test-app-1-migration"].postgresql_grant.cockroachdb_schema_permissions[0],
│   on .terraform/modules/apps/cockroachdb.tf line 42, in resource "postgresql_grant" "cockroachdb_schema_permissions":
│   42: resource "postgresql_grant" "cockroachdb_schema_permissions" {

Request

It would be nice if the CockroachDB provider is able to create these resources

  • postgresql_schema
  • postgresql_grant
  • postgresql_default_privileges
    like the PostgreSQL Provider or make the CockroachDB compatible with Vanilla Postgresql.
@marksoper
Copy link
Collaborator

@TeodorStoyanov - thanks for writing this up. I apologize that we didn't get back to you sooner. Role grant is now supported. Do you still have the need for schema and priviliges?

@sramshaw-yolabs
Copy link

@marksoper The new resources for cockroach_user_role_grant and cockroach_user_role_grants appear to only relate to Roles within the Cloud UI.

I believe this feature request (and something many of us are anxiously awaiting) is the ability to create non-admin SQL users and Manage SQL role grants specifically, totally separate and outside of the UI users and UI roles.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@marksoper @TeodorStoyanov @sramshaw-yolabs