public inbox for [email protected]
help / color / mirror / Atom feedFrom: Achilleas Mantzios - cloud <[email protected]>
To: [email protected]
Subject: Re: Clusters and shared permissions using LDAP
Date: Fri, 20 Dec 2024 10:35:01 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
<[email protected]>
On 12/10/24 17:59, Felipe Matas wrote:
> Hi all! I'm trying to build three postgres clusters (in different
> servers), I'm thinking to use CITUS to make the data available across
> the clusters, I'm checking the docs.
>
> What I have not been able to found in any place, is how to handle the
> permissions, I can use LDAP to handle the shared credentials across
> the clusters, I have not experience with LDAP but is no problem with
> learning :)
>
> So, how can I handle the permissions? From what I have read, seems
> LDAP only handle user/pass, is there any way to make all the clusters
> to have the same permissions to the LDAP users?
>
> In the time, I'll add more servers to this, so handle server by server
> all the permissions to each user is not a nice way to handle it.
>
> Probs this is already solved somehow, but I can't find it.
As you said, LDAP only deals with authentication not authorization.
If you want to implement security using PostgreSQL, then you will have
to replicate the DDL, GRANTS, memberships, etc
>
> Thx!
view thread (2+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Clusters and shared permissions using LDAP
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox