Managing Groups
Groups serve to simplify the assignment of rights. Ordinary privileges must be granted to a single user, one at a time. This can be tedious if several users need to be assigned the same access to a variety of database objects.
Groups are created to avoid this problem. A group simply requires a name, and can be created empty (without users). Once created, users who are intended to share common access privileges are added into the group together, and are henceforth associated by their membership in that group. Rights on database objects are then granted to the group, rather than to each member of the group. For a system with many users and databases, groups make managing rights less of an administrative chore.
Note
Users may belong to any number of groups, or no groups at all.
Creating and Removing Groups
Before you get started managing groups, you should first understand how to create and remove them from the system. Each of these procedures requires superuser privileges. See the section titled Managing Users earlier in this chapter for more about superusers.
Creating a group
Any superuser may create a new group in PostgreSQL with the CREATE
GROUP
command. Here is the syntax for CREATE GROUP
:
CREATE GROUP groupname [ WITH [ SYSID groupid ] [ USER username [, ...] ] ]
In this syntax, groupname
is the name of the group that you wish to create. A groupâs name must start with ...
Get Practical PostgreSQL now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.