diff --git a/database-grants/terraform/prod/extra/main.tf b/database-grants/terraform/prod/extra/main.tf
index 3ee78b2..3e575c0 100644
--- a/database-grants/terraform/prod/extra/main.tf
+++ b/database-grants/terraform/prod/extra/main.tf
@@ -22,3 +22,107 @@ resource "postgresql_grant" "wallet-operator-seq" {
 privileges = ["USAGE", "SELECT"]
 }
+
+resource "postgresql_grant" "wallet-operator-schema-public" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "public"
+ object_type = "schema"
+ privileges = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-public" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "public"
+ object_type = "table"
+ privileges = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-public" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "public"
+ object_type = "sequence"
+ privileges = ["USAGE", "SELECT"]
+
+}
+
+
+resource "postgresql_grant" "wallet-operator-schema-herbarium" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "herbarium"
+ object_type = "schema"
+ privileges = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-herbarium" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "herbarium"
+ object_type = "table"
+ privileges = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-herbarium" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "herbarium"
+ object_type = "sequence"
+ privileges = ["USAGE", "SELECT"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-schema-stakeholder" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "stakeholder"
+ object_type = "schema"
+ privileges = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-stakeholder" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "stakeholder"
+ object_type = "table"
+ privileges = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-stakeholder" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "stakeholder"
+ object_type = "sequence"
+ privileges = ["USAGE", "SELECT"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-schema-treetracker" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "treetracker"
+ object_type = "schema"
+ privileges = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-treetracker" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "treetracker"
+ object_type = "table"
+ privileges = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-treetracker" {
+ database = "treetracker"
+ role = "wallet_operator"
+ schema = "treetracker"
+ object_type = "sequence"
+ privileges = ["USAGE", "SELECT"]
+}
diff --git a/database-grants/terraform/prod/main.tf b/database-grants/terraform/prod/main.tf
index 46ea5ed..9a55a88 100644
--- a/database-grants/terraform/prod/main.tf
+++ b/database-grants/terraform/prod/main.tf
@@ -56,13 +56,6 @@ module "messaging_schema" {
 }
 }
-module "query_schema" {
- source = "./schemas/query"
- providers = {
- postgresql = postgresql.treetracker
- }
-}
-
 module "stakeholder_schema" {
 source = "./schemas/stakeholder"
 providers = {
diff --git a/database-grants/terraform/prod/schemas/query/main.tf b/database-grants/terraform/prod/schemas/query/main.tf
deleted file mode 100644
index d636a82..0000000
--- a/database-grants/terraform/prod/schemas/query/main.tf
+++ /dev/null
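Review bot: The four `wallet-operator-schema-*` resources give `wallet_operator` `CREATE` on `public`, `herbarium`, `stakeholder` and `treetracker` in the prod `treetracker` database, and the four `wallet-operator-table-*` resources add `INSERT`/`UPDATE`/`DELETE` on tables in those schemas, which looks broader than a single service's operator role should need. `CREATE` on `public` is the one to look at first, because a role that can create objects there can define functions or tables that other roles may resolve through their `search_path`. Unless this role actually runs migrations in these schemas, I would narrow the schema grants to `privileges = ["USAGE"]` and keep the write privileges only on the schemas the wallet service owns, using `privileges = ["SELECT"]` on the others. A short comment above the group saying why the role needs cross-schema access would also help the next reviewer. The hunk opens inside the existing `wallet-operator-seq` resource, so the role's earlier grants are not visible here.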
@@ -1,88 +0,0 @@
-
-module "microservice_schema" {
- source = "./../../modules/microservice_schema"
- schema = "query"
-}
-
-resource "postgresql_grant" "query_messaging_schema" {
- database = "treetracker"
- role = "s_query"
- schema = "messaging"
- object_type = "schema"
- privileges = ["USAGE"]
-}
-
-resource "postgresql_grant" "query_messaging_tables" {
- database = "treetracker"
- role = "s_query"
- schema = "messaging"
- object_type = "table"
- privileges = ["SELECT"]
-}
-
-resource "postgresql_grant" "query_treetracker_schema" {
- database = "treetracker"
- role = "s_query"
- schema = "treetracker"
- object_type = "schema"
- privileges = ["USAGE"]
-}
-
-resource "postgresql_grant" "query_treetracker_tables" {
- database = "treetracker"
- role = "s_query"
- schema = "treetracker"
- object_type = "table"
- privileges = ["SELECT"]
-}
-
-resource "postgresql_grant" "query_stakeholder_schema" {
- database = "treetracker"
- role = "s_query"
- schema = "stakeholder"
- object_type = "schema"
- privileges = ["USAGE"]
-}
-
-resource "postgresql_grant" "query_stakeholder_tables" {
- database = "treetracker"
- role = "s_query"
- schema = "stakeholder"
- object_type = "table"
- privileges = ["SELECT"]
-}
-
-resource "postgresql_grant" "query_regions_schema" {
- database = "treetracker"
- role = "s_query"
- schema = "regions"
- object_type = "schema"
- privileges = ["USAGE"]
-}
-
-resource "postgresql_grant" "query_regions_tables" {
- database = "treetracker"
- role = "s_query"
- schema = "regions"
- object_type = "table"
- privileges = ["SELECT"]
-}
-
-resource "postgresql_grant" "query_public_schema" {
- database = "treetracker"
- role = "s_query"
- schema = "public"
- object_type = "schema"
- privileges = ["USAGE"]
-}
-
-resource "postgresql_grant" "query_public_function" {
- database = "treetracker"
- role = "s_query"
- schema = "public"
- object_type = "function"
- privileges = ["EXECUTE"]
-}
-
-
-
diff --git a/database-grants/terraform/prod/schemas/query/provider.tf b/database-grants/terraform/prod/schemas/query/provider.tf
deleted file mode 100644
index 7c80654..0000000
--- a/database-grants/terraform/prod/schemas/query/provider.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-terraform {
- required_providers {
- postgresql = {
- source = "cyrilgdn/postgresql"
- version = "1.11.0"
- }
- }
-}