Parameter |
Choices/Defaults |
Comments |
database
required |
|
Name of database to connect to.
Alias: db
|
grant_option
bool |
|
Whether role may grant/revoke the specified privileges/group memberships to others.
Set to no to revoke GRANT OPTION, leave unspecified to make no changes.
grant_option only has an effect if state is present .
Alias: admin_option
|
host
|
|
Database host address. If unspecified, connect via Unix socket.
Alias: login_host
|
login
|
Default:
postgres
|
The username to authenticate with.
Alias: login_user
|
login_host
|
|
Host running the database
|
login_password
|
|
The password used to authenticate with
|
login_unix_socket
|
|
Path to a Unix domain socket for local connections
|
login_user
|
Default:
postgres
|
The username used to authenticate with
|
objs
|
|
Comma separated list of database objects to set privileges on.
If type is table or sequence , the special value ALL_IN_SCHEMA can be provided instead to specify all database objects of type type in the schema specified via schema. (This also works with PostgreSQL < 9.0.)
If type is database , this parameter can be omitted, in which case privileges are set for the database specified via database.
If type is function, colons (":") in object names will be replaced with commas (needed to specify function signatures, see examples)
Alias: obj
|
password
|
|
The password to authenticate with.
Alias: login_password)
|
port
|
Default:
5432
|
Database port to connect to.
|
privs
|
|
Comma separated list of privileges to grant/revoke.
Alias: priv
|
roles
required |
|
Comma separated list of role (user/group) names to set permissions for.
The special value PUBLIC can be provided instead to set permissions for the implicitly defined PUBLIC group.
Alias: role
|
schema
|
|
Schema that contains the database objects specified via objs.
May only be provided if type is table , sequence or function . Defaults to public in these cases.
|
ssl_mode
(added in 2.3) |
Choices:
- disable
- allow
prefer ←
- require
- verify-ca
- verify-full
|
Determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the server.
See https://www.postgresql.org/docs/current/static/libpq-ssl.html for more information on the modes.
Default of prefer matches libpq default.
|
ssl_rootcert
(added in 2.3) |
|
Specifies the name of a file containing SSL certificate authority (CA) certificate(s). If the file exists, the server's certificate will be verified to be signed by one of these authorities.
|
state
|
Choices:
present ←
- absent
|
If present , the specified privileges are granted, if absent they are revoked.
|
type
|
Choices:
table ←
- sequence
- function
- database
- schema
- language
- tablespace
- group
- default_privs
|
Type of database object to set privileges on.
The `default_prives` choice is available starting at version 2.7.
|
unix_socket
|
|
Path to a Unix domain socket for local connections.
Alias: login_unix_socket
|