Menu
Coming from MySQL and not knowing about ROLEs I absentmindedly tried this
GRANT CREATE ON TABLESPACE pg_default TO username;
It didn't have the desired effect. The command that I was looking for was:
ALTER ROLE username WITH CREATEDB;
But what's the difference precisely? Does giving someone the CREATEDB role implicitly give them CREATE ON TABLESPACE ...? Is there a table where I can see all this?
From the docs, GRANT CREATE ON TABLESPACE means (my emphasis):
For tablespaces, allows tables, indexes, and temporary files to be created within the tablespace, and allows databases to be created that have the tablespace as their default tablespace. (Note that revoking this privilege will not alter the placement of existing objects.)
605
Syntax: ALTER ROLE role_name [WITH] option; The following functions are available with ALTER ROLE statement: SUPERUSER | NOSUPERUSER – It is used to determine if the role is a superuser. VALID UNTIL 'timestamp' – It is used to specify the expiry date and time of a role's password.
They are completely different privileges. CREATEDB means the role can create database. If your role doesn't have that, it can't create databases, period.
Granting CREATE for a tablespace to a role means that the role will be able to use that tablespace as default tablespace for the database. So a role that has CREATEDB will be able to create a database; just not on that tablespace. Note that there's always a pg_default tablespace that will be used as default tablespace for databases that don't otherwise have a default tablespace.
117
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
