Database Privileges
In this section, you can find the details about minimum required database privileges for encryption using Data Security Broker.
Database privileges for encryption and migration
To carry out encryption and migration, Data Security Broker Shield requires certain user permissions on the database. It is recommended that you create a new user on your database for Data Security Broker Shield to use.
Database privileges required for PostgreSQL 12
Operation | Details | Queries used by Shield | Minimum required grants |
---|---|---|---|
Proxy normal operation: Support implicit inserts, and Obtain column information | Access information_schema to get information about columns. This is needed to support queries such as implicit inserts (inserts that don’t have column names specified explicitly). [Per database or per schema or per table that is defined in Data Security Broker] select ordinal_position, column_name, data_type from information_schema .COLUMNS where table_catalog=Database Name and table_schema=Schema Name, and table_name=TableName order by ordinal_position | Select grant is required for all tables that are defined in Data Security Broker. | If a new database, schema or column is added to your protection plan, ensure the grant is applied |
CheckProxyPort | Check if the port specified for the Shield is responsive | Select 1 | Select grant |