PGD predefined roles v6.1.0

PGD predefined roles are created when the BDR extension is installed. After BDR extension is dropped from a database, the roles continue to exist. You need to drop them manually if dropping is required.

bdr_superuser

This role is for an admin user that can manage anything PGD related. It allows you to separate management of the database and table access. Using it allows you to have a user that can manage the PGD cluster without giving them PostgreSQL superuser privileges.

Privileges

• ALL PRIVILEGES ON ALL TABLES IN SCHEMA BDR
• ALL PRIVILEGES ON ALL ROUTINES IN SCHEMA BDR

bdr_read_all_stats

This role provides read access to most of the tables, views, and functions that users or applications may need to observe the statistics and state of the PGD cluster.

Privileges

SELECT privilege on:

• bdr.autopartition_partitions
• bdr.autopartition_rules
• bdr.ddl_epoch
• bdr.ddl_replication
• bdr.global_consensus_journal_details
• bdr.global_lock
• bdr.global_locks
• bdr.group_camo_details
• bdr.local_consensus_state
• bdr.local_node_summary
• bdr.node
• bdr.node_catchup_info
• bdr.node_catchup_info_details
• bdr.node_conflict_resolvers
• bdr.node_group
• bdr.node_local_info
• bdr.node_peer_progress
• bdr.node_replication_rates
• bdr.node_slots
• bdr.node_summary
• bdr.replication_sets
• bdr.replication_status
• bdr.sequences
• bdr.stat_activity
• bdr.stat_relation
• bdr.stat_subscription deprecated
• bdr.state_journal_details
• bdr.subscription
• bdr.subscription_summary
• bdr.tables
• bdr.taskmgr_local_work_queue
• bdr.taskmgr_work_queue
• bdr.worker_errors deprecated
• bdr.workers
• bdr.writers
• bdr.xid_peer_progress

EXECUTE privilege on:

• bdr.bdr_edition deprecated
• bdr.bdr_version
• bdr.bdr_version_num
• bdr.decode_message_payload
• bdr.get_consensus_status
• bdr.get_decoding_worker_stat
• bdr.get_global_locks
• bdr.get_min_required_replication_slots
• bdr.get_min_required_worker_processes
• bdr.get_raft_status
• bdr.get_relation_stats
• bdr.get_slot_flush_timestamp
• bdr.get_sub_progress_timestamp
• bdr.get_subscription_stats
• bdr.lag_control
• bdr.lag_history
• bdr.node_catchup_state_name
• bdr.node_kind_name
• bdr.peer_state_name
• bdr.show_subscription_status
• bdr.show_workers
• bdr.show_writers
• bdr.stat_get_activity
• bdr.wal_sender_stats
• bdr.worker_role_id_name

bdr_monitor

This role provides read access to any tables, views, and functions that users or applications may need to monitor the PGD cluster. It includes all the privileges of the bdr_read_all_stats role.

Privileges

All privileges from bdr_read_all_stats plus the following additional privileges:

SELECT privilege on:

• bdr.group_raft_details
• bdr.group_replslots_details
• bdr.group_subscription_summary
• bdr.group_versions_details
• bdr.raft_instances

EXECUTE privilege on:

• bdr.get_raft_instance_by_nodegroup
• bdr.monitor_camo_on_all_nodes
• bdr.monitor_group_raft
• bdr.monitor_group_versions
• bdr.monitor_local_replslots
• bdr.monitor_raft_details_on_all_nodes
• bdr.monitor_replslots_details_on_all_nodes
• bdr.monitor_subscription_details_on_all_nodes
• bdr.monitor_version_details_on_all_nodes
• bdr.node_group_member_info

bdr_application

This role is designed for applications that require access to PGD features, objects, and functions such as sequences, CRDT datatypes, CAMO status functions, or trigger management functions.

Privileges

EXECUTE privilege on:

• All functions for column_timestamps datatypes
• All functions for CRDT datatypes
• bdr.alter_sequence_set_kind
• bdr.create_conflict_trigger
• bdr.create_transform_trigger
• bdr.drop_trigger
• bdr.get_configured_camo_partner
• bdr.global_lock_table
• bdr.is_camo_partner_connected
• bdr.is_camo_partner_ready
• bdr.logical_transaction_status
• bdr.ri_fkey_trigger
• bdr.seq_nextval
• bdr.seq_currval
• bdr.seq_lastval
• bdr.trigger_get_committs
• bdr.trigger_get_conflict_type
• bdr.trigger_get_origin_node_id
• bdr.trigger_get_row
• bdr.trigger_get_type
• bdr.trigger_get_xid
• bdr.wait_for_camo_partner_queue
• bdr.wait_slot_confirm_lsn
• bdr.wait_node_confirm_lsn

Many of these functions require additional privileges before you can use them. For example, you must be the table owner to successfully execute bdr.alter_sequence_set_kind. These additional rules are described with each specific function.

bdr_read_all_conflicts

PGD logs conflicts into the bdr.conflict_history table. Conflicts are visible only to table owners, so no extra privileges are required for the owners to read the conflict history.

However, if it's useful to have a user that can see conflicts for all tables, you can optionally grant the role bdr_read_all_conflicts to that user.

Privileges

An explicit policy is set on bdr.conflict_history that allows this role to read the bdr.conflict_history table.