Use TimescaleSecurity

Read-only user

You can create a role that provides read-only access to your database.

Important

Adding a read-only user role to your database does not provide resource isolation. If you want to restrict the access of a read-only user, as well as isolate resources, you can create a read replica instead. For more information, see the read scaling section.

Create a read-only user

You can create a read-only user to provide limited access to your database.

Creating a read-only user

  1. Connect to your database as the tsdbadmin user.

  2. At the psql prompt, create the new role:

    CREATE ROLE readaccess;

  3. Grant the appropriate permissions for the role, as required. For example, to grant SELECT permissions to a specific table, use:

    GRANT SELECT ON <TABLE_NAME> TO readaccess;

    To grant SELECT permissions to all tables in a specific schema, use:

    GRANT SELECT ON ALL TABLES IN SCHEMA <SCHEMA_NAME> TO readaccess;

  4. Create a new user:

    CREATE USER read_user WITH PASSWORD 'read_password';

  5. Assign the role to the new user:

    GRANT readaccess TO read_user;

Keywords

client credentialsaccountsusersmembersread-onlysecurity

Found an issue on this page?Report an issue or Edit this page in GitHub.

PreviousClient credentialsNextConnect with a stricter SSL mode

Related Content

Client credentials
Client credentials to programmatically access your Timescale account
SAML (Security Assertion Markup Language)
Use SAML as authentication for your Timescale account
Multi-factor user authentication
Manage Multi-factor user authentication for your Timescale account
User management
User management in Timescale Cloud
Troubleshooting compression
Suggestions for troubleshooting common problems in compression
Troubleshooting hypertables
Suggestions for troubleshooting common problems in hypertables