Amazon Redshift Grants - New table can't be accessed even though user has grants to all tables in schema

后端 未结 4 1687
心在旅途
心在旅途 2021-02-02 12:13

I have a bit of a funny situation in Amazon Redshift where I have a user X who has grant select on all tables in schema public, but once a new table is created, this grant doesn

相关标签:
4条回答
  • 2021-02-02 12:42

    This is a normal behavior. Only the object owner/superuser have permission to use the object by default.

    http://docs.aws.amazon.com/redshift/latest/dg/r_Privileges.html

    You can add grant command to your create table statement and grant needed privileges for the user.

    0 讨论(0)
  • 2021-02-02 12:49

    When we first spotted new tables not appearing in our reporting tool, I discovered a quick workaround is to re-execute the following SQL statement for the groups/users impacted:

    ALTER DEFAULT PRIVILEGES IN SCHEMA <SCHEMANAME> GRANT SELECT ON TABLES TO GROUP <USER/GROUPNAME>;
    
    0 讨论(0)
  • 2021-02-02 13:01

    Executing the following command as super user (master):

    alter default privileges 
      for user staging_user 
      in schema staging 
      grant select on tables 
      to reporting_user;
    

    will allow reporting_user to select data from all future tables created by staging_user in schema staging.

    0 讨论(0)
  • 2021-02-02 13:04

    In Redshift tables and views do not automatically inherit the permissions of their parent schema. Your newly created tables are only accessible to the user who created them, and the superuser.

    In a recent patch to Redshift a new feature to grant default privileges was implemented that addresses this issue.

    Alter Default Privileges

    The following code snippet will grant select privileges only for all future tables in the sales schema to the sales_admin group. If you want this to apply to existing tables in a schema you will need to combine it with a second grant statement.

    alter default privileges in schema sales grant select on tables to group sales_admin;
    
    0 讨论(0)
提交回复
热议问题