Is it possible to grant a user/role only the permission to create/alter sequences in a PostgreSQL database/schema not allowing the user to create tables at the same time?
I currently use
GRANT CREATE ON SCHEMA myschema TO "MyRole";
which gives the user full create access to the schema, though he cannot delete or alter any tables that he does not own. My use case is that I use Liquibase to setup the database schema upfront and want to have the application only using a db user that can only read/write data. Unfortunately the application requires a dynamic number of sequences, i.e. it must be possible for the application to create new sequences in the database/schema.
CodePudding user response:
The only possible way is to create an event trigger that throws an error if you create anything else than a sequence.
CodePudding user response:
You can do
grant select on sequence my_sequence in schema my_schema to my_role_user