Reputation: 1806
Grant rights to update procedures to a redshift user
I want to create a user that can only update stored procedures in redshift. The procedures are given as .sql files that start like this
CREATE OR REPLACE PROCEDURE schema_name.procedure_name
...
Hence I created the new user in psql and tried to assign the rights: GRANT CREATE OR REPLACE PROCEDURE to ci.
But when I try to update with the new user psql -h $host -U ci -d $database -p $port -f file.sql it fails with ERROR: permission denied for schema schema_name. (This works with the admin user)
Upvotes: 0
Views: 2660
Answers (2)
Reputation: 1806
Synthezising from the different comments and answers:
- The
ciuser must be owner of the function. This means the function must be deleted beforehand (and recreated byciafterwards) GRANT USAGE ON SCHEMA schema_name TO ciis necessary but not sufficient.- I was finally able to make it work after additionally adding
GRANT ALL ON SCHEMA schema_name TO ci;
Open questions:
- There should be a more minimal set of rights to accomplish this.
- Do the necessary privileges depend on the sql statements in the procedure?
Upvotes: 2
Reputation: 23
I'm not sure about splitting the CREATE and REPLACE permissions, but the error you're getting seems unrelated. I think your user ci also needs USAGE permission on the schema.
GRANT USAGE ON SCHEMA schema_name TO ci
Upvotes: 1
Related Questions
- redshift/Postgresql 8.0 revoke connect to database of a user
- How to Grant 'ALTER USER' privileges to AWS redshift user
- Granting permissions on Redshift system tables to non-superusers
- Readonly permissions for redshift schema
- How to acess Amazon AWS redshift using psql client with IAM credentials
- Redshift Permissions
- How to grant user access to one table in a specific schema in Redshift
- Redshift user with default access to newly created schemas
- create database specific user in redshift
- How to create READ ONLY user in redshift