How to grant someone limited access to PostgreSQL

Question

I have a SQL database on AWS that is connected to a Django framework website that lives on Heroku. I have a need for granting access to a third party for them to pull data from my DB to their own SQL DB.

I am a self taught programmer, web designer and have very limited knowledge about AWS and database management and couldn't find a clear roadmap for how to create credentials for someone to access my DB programmatically (read only) and have access to only certain data. For example, all the records in miscellaneous tables are related to a project with a foreign key and I want the user to have access to data for only certain projects.

The only account that I have right now is my master account that I use in my Django website and to connect through a client to browse that data.

So my questions are: 1- How can I create credentials for someone to connect to my database remotely? 2- How can I make it read only? 3- How can I limit their access to only certain records based on a foreign key?

edit: I found the following discussion which made lean towards creating a REST API rather than providing SQL access. I am open for more input if I am missing anything. https://softwareengineering.stackexchange.com/questions/277701/why-do-people-do-rest-apis-instead-of-dbals Thanks,

Answer 1

Depending on how 'live' this data needs to be, you might consider simply exporting/dumping the data to S3 at a suitable time and then share that with the third party. They can then import into a DB on their side.

You didn't say if the PostgreSQL DB is in RDS or not, but if it's in RDS you can also create a snapshot of the DB and share the snapshot with the customer.

Both of these options are likely to be easier than building an API. They also remove any possibility that the third party damages your database (because you accidentally over-permissioned them) or causes availability problems with it or your app.