Подключиться
Yandex Managed Service for PostgreSQL

User

Статья создана

A set of methods for managing PostgreSQL User resources.

JSON Representation

{
  "name": "string",
  "clusterId": "string",
  "permissions": [
    {
      "databaseName": "string"
    }
  ],
  "connLimit": "string",
  "settings": {
    "defaultTransactionIsolation": "string",
    "lockTimeout": "integer",
    "logMinDurationStatement": "integer",
    "synchronousCommit": "string",
    "tempFileLimit": "integer",
    "logStatement": "string"
  },
  "login": true,
  "grants": [
    "string"
  ]
}
Field Description
name string

Name of the PostgreSQL user.
clusterId string

ID of the PostgreSQL cluster the user belongs to.
permissions[] object

Set of permissions granted to the user to access specific databases.
permissions[].
databaseName		 string

Name of the database that the permission grants access to.
connLimit string (int64)

Maximum number of database connections available to the user.

When used in session pooling, this setting limits the number of connections to every single host in PostgreSQL cluster. In this case, the setting's value must be greater than the total number of connections that backend services can open to access the PostgreSQL cluster. The setting's value should not exceed the value of the Cluster.config.postgresqlConfig_12.effectiveConfig.maxConnections setting.

When used in transaction pooling, this setting limits the number of user's active transactions; therefore, in this mode user can open thousands of connections, but only N concurrent connections will be opened, where N is the value of the setting.

Minimum value: 10 (default: 50), when used in session pooling.
settings object

PostgreSQL user settings.
settings.
defaultTransactionIsolation		 string

SQL sets an isolation level for each transaction. This setting defines the default isolation level to be set for all new SQL transactions.

See in-depth description in PostgreSQL documentation.

  • TRANSACTION_ISOLATION_READ_UNCOMMITTED: this level behaves like TRANSACTION_ISOLATION_READ_COMMITTED in PostgreSQL.
  • TRANSACTION_ISOLATION_READ_COMMITTED: (default) on this level query sees only data committed before the query began.
  • TRANSACTION_ISOLATION_REPEATABLE_READ: on this level all subsequent queries in a transaction will see the same rows, that were read by the first SELECT or INSERT query in this transaction, unchanged (these rows are locked during the first query).
  • TRANSACTION_ISOLATION_SERIALIZABLE: this level provides the strictest transaction isolation. All queries in the current transaction see only the rows that were fixed prior to execution of the first SELECT or INSERT query in this transaction. If read and write operations in a concurrent set of serializable transactions overlap and this may cause an inconsistency that is not possible during the serial transaction execution, then one of the transaction will be rolled back, triggering a serialization failure.
settings.
lockTimeout		 integer (int64)

The maximum time (in milliseconds) for any statement to wait for acquiring a lock on an table, index, row or other database object. If the wait time is longer than the specified amount, then this statement is aborted.

Default value: 0 (no control is enforced, a statement waiting time is unlimited).
settings.
logMinDurationStatement		 integer (int64)

This setting controls logging of the duration of statements.

The duration of each completed statement will be logged if the statement ran for at least the specified amount of time (in milliseconds). E.g., if this setting's value is set to 500, a statement that took 300 milliseconds to complete will not be logged; on the other hand, the one that took 2000 milliseconds to complete, will be logged.

Value of 0 forces PostgreSQL to log the duration of all statements.

Value of -1 (default) disables logging of the duration of statements.

See in-depth description in PostgreSQL documentation.
settings.
synchronousCommit		 string

This setting defines whether DBMS will commit transaction in a synchronous way.

When synchronization is enabled, cluster waits for the synchronous operations to be completed prior to reporting success to the client. These operations guarantee different levels of the data safety and visibility in the cluster.

See in-depth description in PostgreSQL documentation.

  • SYNCHRONOUS_COMMIT_ON: (default value) success is reported to the client if the data is in WAL (Write-Ahead Log), and WAL is written to the storage of both the master and its synchronous standby server.
  • SYNCHRONOUS_COMMIT_OFF: success is reported to the client even if the data is not in WAL. There is no synchronous write operation, data may be loss in case of storage subsystem failure.
  • SYNCHRONOUS_COMMIT_LOCAL: success is reported to the client if the data is in WAL, and WAL is written to the storage of the master server. The transaction may be lost due to storage subsystem failure on the master server.
  • SYNCHRONOUS_COMMIT_REMOTE_WRITE: success is reported to the client if the data is in WAL, WAL is written to the storage of the master server, and the server's synchronous standby indicates that it has received WAL and written it out to its operating system. The transaction may be lost due to simultaneous storage subsystem failure on the master and operating system's failure on the synchronous standby.
  • SYNCHRONOUS_COMMIT_REMOTE_APPLY: success is reported to the client if the data is in WAL (Write-Ahead Log), WAL is written to the storage of the master server, and its synchronous standby indicates that it has received WAL and applied it. The transaction may be lost due to irrecoverably failure of both the master and its synchronous standby.
settings.
tempFileLimit		 integer (int64)

The maximum storage space size (in kilobytes) that a single process can use to create temporary files. If a transaction exceeds this limit during execution, it will be aborted.

A huge query may not fit into a server's RAM, therefore PostgreSQL will use some storage to store and execute such a query. Too big queries can make excessive use of the storage system, effectively making other quieries to run slow. This setting prevents execution of a big queries that can influence other queries by limiting size of temporary files.
settings.
logStatement		 string

This setting specifies which SQL statements should be logged (on the user level).

See in-depth description in PostgreSQL documentation.

  • LOG_STATEMENT_NONE: (default) logs none of SQL statements.
  • LOG_STATEMENT_DDL: logs all data definition statements (such as CREATE, ALTER, DROP and others).
  • LOG_STATEMENT_MOD: logs all statements that fall in the LOG_STATEMENT_DDL category plus data-modifying statements (such as INSERT, UPDATE and others).
  • LOG_STATEMENT_ALL: logs all SQL statements.
login boolean (boolean)

This flag defines whether the user can login to a PostgreSQL database.

Default value: true (login is allowed).
grants[] string

Roles and privileges that are granted to the user (GRANT <role> TO <user>).

For more information, see the documentation.

The maximum string length in characters for each value is 63. Each value must match the regular expression [a-zA-Z0-9_]*.

Methods

Method Description
create Creates a PostgreSQL user in the specified cluster.
delete Deletes the specified PostgreSQL user.
get Returns the specified PostgreSQL User resource.
grantPermission Grants permission to the specified PostgreSQL user.
list Retrieves the list of PostgreSQL User resources in the specified cluster.
revokePermission Revokes permission from the specified PostgreSQL user.
update Updates the specified PostgreSQL user.
В этой статье: