Database Access Rules Configuration
Given an already created instance (Database Instance Initialization), PostgreSQL provides mechanisms to restrict data access. This is the first level of security for the PostgreSQL instance, determining whether a connection will be allowed.
Client authentication is controlled by the pg_hba.conf configuration file, also stored in the cluster's data directory (hba stands for host-based authentication). A default pg_hba.conf file is installed when the database instance is initialized.
When configuring Access Rules, it is possible to specify the connection type, the name(s) of the Database(s), the user(s) or group(s) identification, the subnet or authorized host, and the authentication method.
-
All components installed.
pgsmart db config [Flags]
Flags
-D, --pgdata=<path> [Default: data].=> PostgreSQL instance Data Directory.-M, --pgversion=(11|12|13|14|15).=> PostgreSQL major version.-a, --agent=<agent>. => Alias, hostname, or IP of the server where the desired PgSmart Agent is installed.-h, --help. => Help
Non-interactive execution is disabled for this operation.
pgsmart db config
Configuring Access Rules for the Database Instance
-
Select the
PgSmart Agent(or Register a new Agent). -
Select
Configurações das instânciasfrom the options menu. -
Select the
Data Directoryof the PostgreSQL instance for which you want to configure the access rules. -
Select the
Regras de Acessooption.
When selecting the Access Rules option, the following operations will be available:
- Listar: Allows viewing existing access rules.
- Criar: Allows creating a new access rule.
- Alterar: Allows modifying an access rule.
- Duplicar: Allows duplicating an access rule.
- Remover: Allows removing an access rule.
List Access Rules
- Instructions
- Video
-
Select the
Listaroperation.The list of current Access Rules will be displayed.
Figure 1 - Access Rules - List
Create an Access Rule
- Instructions
- Video
-
Select the
Criaroperation. -
Select the
Type of Access Rule. -
Specify which
databaseswill be included in the new Access Rule. (Default: all - any localhost connection will match any database.) -
Specify the
users or groupsto be included in the new Access Rule (Default: all - everyone). -
Specify the
subnet or authorized host. -
Select the authentication method.
-
Confirm the creation of the new Access Rule.
-
Confirm the
Reloadto apply the new Access Rules.
Figure 2 - Access Rules - Create
Modify an Access Rule
- Instructions
- Video
-
Select the
Alteraroperation.When selecting this action, PgSmart will display a list of valid access rules.
-
Select the rule you want to modify.
-
Adjust the desired item(s) in the presented sequence of options, confirming each item with [Enter].
-
Confirm the modification of the Access Rule.
-
Confirm the
Reloadof the PostgreSQL instance.
Figure 3 - Access Rules - Modify
Remove an Access Rule
- Instructions
- Video
-
Select the
Removeroperation.When selecting this action, PgSmart will display a list of valid access rules.
-
Select the
Access Ruleyou wish to remove. -
Confirm the removal.
-
Confirm the
Reloadof the PostgreSQL instance.
Figure 4 - Access Rules - Remove
Duplicate an Access Rule
- Instructions
- Video
- Select the
Duplicaroperation.
When selecting this action, PgSmart will display a list of valid access rules.
-
Select the rule you wish to duplicate.
-
Adjust each option for the new rule, confirming each item with [Enter].
-
Confirm the duplication of the Access Rule.
-
Confirm the
Reloadof the PostgreSQL instance.
-
To apply actions to Access Rules, it is necessary to perform the
Reloadof the PostgreSQL instance. -
This option is provided by PgSmart at the time of operation confirmation.
-
If
Reloadis not confirmed, the configuration will remain in the file until the instance reload is executed.