Ansible创建postgresql用户访问所有表？

Question

这应该很简单。我想创建一个Ansible语句来创建一个Postgres用户，该用户具有对特定数据库的连接权限，并为该特定数据库中的所有表选择/插入/更新/删除权限。我试过如下：

- name: Create postgres user for my app 
    become: yes 
    become_user: postgres 
    postgresql_user: 
     db: "mydatabase" 
     name: "myappuser" 
     password: "supersecretpassword" 
     priv: CONNECT/ALL:SELECT,INSERT,UPDATE,DELETE 

我得到relation \"ALL\" does not exist

如果我删除ALL:，我得到Invalid privs specified for database: INSERT UPDATE SELECT DELETE

Answer 1

我所要做的是先创建用户，然后分别授予权限。它的工作就像一个魅力。

- name: Create postgres user for my app 
    become: yes 
    become_user: postgres 
    postgresql_user: 
     name: "myappuser" 
     password: "supersecretpassword" 

    - name: Ensure we have access from the new user 
    become: yes 
    become_user: postgres 
    postgresql_privs: 
     db: mydatabase 
     role: myappuser 
     objs: ALL_IN_SCHEMA 
     privs: SELECT,INSERT,UPDATE,DELETE 

Answer 2

从ansible文档postgressql module，私法应该是“格式PostgreSQL的权限字符串：表：权限1 ，priv2“ 所以你的任务应该是

- name: Create postgres user for my app 
    become: yes 
    become_user: postgres 
    postgresql_user: 
     db: "mydatabase" 
     name: "myappuser" 
     password: "supersecretpassword" 
     priv: ALL:SELECT,INSERT,UPDATE,DELETE,CONNECT