How to GRANT superuser to Neon-created db owner role?
When creating database datamart_db, Neon automatically created role datamart_db_owner. We have another role with more restricted access (used by external replicator) that creates tables within this database. Since datamart_db_owner does not own those tables it cannot GRANT privileges on them (even just SELECT). It seems like datamart_db_owner, since we use it as our 'admin' role, should have Postgres SUPERUSER role (ie. the Postgres role, not neon_superuser) but trying fails with "permission denied to alter role" from within the Neon UI. I see your doc on making a new role SUPERUSER (https://neon.tech/postgresql/postgresql-administration/create-superuser-postgresql) but it seems like if SQL Editor is run as datamart_db_owner, that's the one that should be SUPERUSER. Overall, some guidance on how to manage roles within the Neon environment, with its special role configurations, would be helpful -- it seems the docs are mostly about generic Postgres role management.
Neon
How to Create Superuser in PostgreSQL
In this tutorial, you will learn about PostgreSQL superusers and how to create them using the CREATE ROLE statement.
3 Replies
conscious-sapphire•7mo ago
Hi, Neon doesn't support SUPERUSER access, most managed database platforms don't allow this. We'll need to determine another way of doing this to solve your issue.
wise-white•7mo ago
Hi @Kurt Unfortunately, Neon does not support grating superuser. We mention that here:
https://neon.tech/docs/manage/roles#the-neonsuperuser-role
It's not mentioned in the tutorial topic you've referenced above, which we'll fix today.
The highest privileged role in Neon is the neon_superuser role.
Neon
Manage roles - Neon Docs
In Neon, roles are Postgres roles. Each Neon project is created with a Postgres role that is named for your database. For example, if your database is named neondb, the project is created with a role ...
wise-white•7mo ago
Oh, I see Bryan already responded. My view had not refreshed here.