Management of PostgreSQL users (roles)
The postgres_users module is used to create and manage Postgres users.
frank:
postgres_user.present
-
salt.states.postgres_user.absent(name, runas=None, user=None, maintenance_db=None, db_password=None, db_host=None, db_port=None, db_user=None)
Ensure that the named user is absent
- name
- The username of the user to remove
- runas
System user all operations should be performed on behalf of
Deprecated since version 0.17.0.
- user
System user all operations should be performed on behalf of
New in version 0.17.0.
- db_user
- database username if different from config or default
- db_password
- user password if any password for a specified user
- db_host
- Database host if different from config or default
- db_port
- Database port if different from config or default
-
salt.states.postgres_user.present(name, createdb=None, createroles=None, createuser=None, encrypted=None, superuser=None, replication=None, inherit=None, login=None, password=None, groups=None, runas=None, user=None, maintenance_db=None, db_password=None, db_host=None, db_port=None, db_user=None)
Ensure that the named user is present with the specified privileges
Please note that the user/group notion in postgresql is just abstract, we
have roles, where users can be seens as roles with the LOGIN privilege
and groups the others.
- name
- The name of the user to manage
- createdb
- Is the user allowed to create databases?
- createroles
- Is the user allowed to create other users?
- createuser
- Alias to create roles
- encrypted
- Should the password be encrypted in the system catalog?
- login
- Should the group have login perm
- inherit
- Should the group inherit permissions
- superuser
- Should the new user be a "superuser"
- replication
- Should the new user be allowed to initiate streaming replication
- password
The user's password
It can be either a plain string or a md5 postgresql hashed password:
'md5{MD5OF({password}{role}}'
If encrypted is None or True, the password will be automaticly
encrypted to the previous
format if it is not already done.
- groups
- A string of comma separated groups the user should be in
- runas
System user all operations should be performed on behalf of
Deprecated since version 0.17.0.
- user
System user all operations should be performed on behalf of
New in version 0.17.0.
- db_user
- database username if different from config or default
- db_password
- user password if any password for a specified user
- db_host
- Database host if different from config or default
- db_port
- Database port if different from config or default