I'm trying to replicate the PostgresDB from AWS to GoogleCloudSQL using Bucardo in order to avoid live transactions.
Here, Bucardo needs to set session_replication_role='replica' using user credentials on googlecloudsql postgres user. The postgres user on cloudsql needs superuser privileges to do this.
Is their any other way we could set role using any other users?
Related
I am trying to create a secret manager for the purpose of using lambda in serverless redshift.
The redshift cluster created on the security password type selection screen is not visible, so it cannot be created.
Any solution?
The secrets manager "new secret" wizard does not show any serverless Redshift workgroups.
You can however create an other database and enter hostname and more, and edit the secret later to modify the database type in the secret.
I have a multi-tenant application that stores the data of each client in a distinct database. To access the data I retrieve the credentials from the SecretsManager in AWS where the secret is stored by giving it the tenant_id as the name. In code, I can then just retrieve it by passing the tennant id.
Now I'm looking for a clean way to implement multiple environments. But I'm not able to find a way that suits my use case. The restrictions I'm having are:
The tenant_id is actually the Azure Tenant ID of the client and is also used to connect to the GraphQL API. As such just using an ID like "Test-Tenant" would not be possible as I would not be able to run all the code.
Just relying on the same database in staging and testing (which probably is a bad idea anyway) would also not be possible as the database in staging is a document DB and connecting to it is not possible via the local machine (unless via ssh tunneling but then my end point URLs would not match).
What would be a clean way to implement multiple environments in this multi-tenancy setup?
I have a Rails app that successfully talks to a Postgres database. The app has full Postgres access rights and is successfully talking to the database.
I use Devise to authenticate my users. I know this is independent of PG but I mention it to make what I want below somewhat clearer.
The app maintains a (Devise) table of users. The app has several users and I want to have each user have different access (roles?) to the database.
I want to create a sandbox where User can issue PG commands but has, for instance, only readonly access rights to the database.
How do I do this. I've searched Google for several hours but I've come up with zilch.
I am working on an academic project where i need to provide SCDF as a SaaS. So different users should be able to connect to their SCDF and access, deploy, and manage their streams and tasks. Of course, other users shouldn't access those private streams and tasks.
From my different readings i found that SCDF has some LDAP capabilities and i even found that a single user mode is used by default. However, from what i understood, the LDAP is used to authenticate servers and not users, and i am not sure if the user content separation exists.
If there is a user management, can you orient me or provide me with some relevant readings and material. Otherwise, can you give me tips on the "best" way to implement such an option.
For multi user management, you can use file based authentication supported in SCDF.
Sample configuration would look like this:
security:
basic:
enabled: true
realm: Spring Cloud Data Flow
dataflow:
security:
authentication:
file:
enabled: true
users:
bob: bobspassword, ROLE_ADMIN
alice: alicepwd, ROLE_VIEW, ROLE_CREATE
I have a question regarding password protection to a table I created when I developed my database using Open Office.
I want to know how can I make a single table as password protected?
eg,
I have a database named Data
I created a table named Data-table
How can I provide a password protection on this table in open office?
In any database, access permissions are granted to specific database users. So in the initial OpenOffice Base connection setup you need to choose a specific user. (If you do not choose a specific user, the default is the SA account which has rights to all tables.)
To grant access, you need to execute a GRANT statement for that user. Examples using mysql are given at http://dev.mysql.com/doc/refman/5.7/en/grant.html:
GRANT ALL ON db1.table1 TO 'jeffrey'#'localhost';
If you are using the default HSQLDB engine with both the client and database in a single file, then in order to connect as a specific user, I think you need to convert it to a more powerful client/server setup.
To do this, you can either unzip the .odb file and extract the HSQLDB files (see here), or copy the data into a mysql database or other database of your choice. Once the data is in a separate database, it should not be hard to do what you are asking.